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From the Editor 


j 


fmiuii-y brings us the “big show:"" Maeworld. While tlierc are otlier Mac-reliiLed sIkws, nothing 
tfuite compares to this imnnal event. Even Apple - as a company - typically waits to make product 
announcements during tills particular m^ek. (If that surprises you, realize diat Apple doesn't own 
this show like they do Apple Expo). 


Of course, it*s leally alxjui the Mac t:t)mmunity and ecology, DotVt think that you can’t get involved! 
While its too late to do anything fonnal now, lake note of what gcx-\s on at the show^ and l^e pfe]>ared 
for next year Aside from the vendor lxK>ths, there are many eduaitional sc,s>sions (at wlnc:h I'll be 
s(X";iking), gathciings during the week anti the simple chance to meet and interact with your jxers. 

‘Ihls issue of MacTech should reach you Ixfore the sliow^ and, as a reminder, there will lie a 
MacTet'h Ixxith on the tloor H you brouglit your copy of MacTech along for your travels, don'l give it 
away when someone else wants it - send them to the Mac'l'ech lx)Oth to pick up a copy for tliemseivesl 

At Mac'ltvh, weVe Ixen talking alxiui wliai may lx rewetikxl at the show, making plaas to see 
friends and getting the Ixxxli ready to gieet visitors. This i.s die Hrsi year in San Francisco dial ihe show^ 
wall lx splii Ixlwt'en rwx> completely sepanite buildings. 1, for one, am intensely curious to see how diat 
works out, A Similar scheme Ixcaine unmanagt^iible hack in tlx days of a mid-year show in Bijston - 
although you had to take a bus Ixtween the kxtuions (any curreni rejiders rememlx^r iliiit?). 

(Continuing with the show theme, we aill this the ^shtiw Issue*' - for obvkxs reasons - and we're 
really hapfiy with w hat ha.s crime togetht^r Tlie big .story here is clearly Time Machine Clearly it wairks. 
Hut h(m> does it work? What are the caveats of tising it? l^ow am you Ixsi use it w'iih a mobile systenx*^ 
Kemrning author Rich Warren delves into the magic Ixtiind Time Machine, anti gives stmx lips beyond 
luMiking up a FireWire drive for liackup lime, 

Something for everyone litis month: Doug Hanley brings us part 2 of his detailed kxik at Apple 
Certifications, With the release of Ltxipaal, there have also Ixen c hanges to the certifiaition prexess. If 
you’ve Ixrn wailing to obtain an Apple Certification, there’s never Ixen a Ixiier time. Cherk out Doug’.s 
article to sfiovv you the w'ay! 

Once your new Macs gel set up and into end-users hands, hnw do you manage them? Du you walk 
around to eitch desktop and Io;id the new^ version of iWork? Ol' course' not, you‘a‘ smarter than that! 
[kii which of the many roots and metlHKls i.s right for you? Brian Best Ii:ls wrinen the dellniitve guide 
on the to])ic. On [>agc 62, you’ll find uur, "^Manage Y<Hir Loadset, Post Deploy” anicle, covering tools 
.such as ARD, LANHev, Radmind and more. 

Sjxaking of remote man^igemenr, if you’re a a)nimand-line-iyf>e like me. you may lx Itxiking for a 
comm;ind-line Uk> 1 that leLs you spray out cornmantis to list of machines. AllD without ARD, in a way. 
My Mac In The Shell column walks you thnnigli dshell. a Lcx>l to do ju.sL iluu. 

Hack in the .something-fQr-everyone categr>ry, Dave Dribin has been le:iding us down The Road to 
C^e, and is now .starting lo louch on .soine advanced topics, 'ihls month, we hit the Inheritance and 
Polymorphism milestone - a core concept in object oriented pn>gnimming. 

hist, bur certainly not least, we’re happy to be feitluring Peter N. lewis in ibis months MacTeth 
S[xnliglu. If you’ve Ixxn arf>imd the Macintosh any length of time, that .should lx a familiar name. If 
it isn’t, turn lo [lage H8 ngib/ r/o;c^;md find out w^hy! It's OK to start from the back. Reiilly. 

If yoiiR‘ at this yeads Macworld, please visit us at llie MacTech IxxHh in the West hall. If you 
love MacTet'h and want to rum someone new on to the magazine, send them by lor a complimentary 
copy! If ytxi’re not attending, them’s always enough ni'ws awerage to keep you in rapt attention. So. 
no iruiner w'here you aie in January. Enjoy! 

Edward Marezak, 

Executive Editor 
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by Doug Hanley 




Introduction 

hi tills series of articles we have been looking at Apple's IT 
cerrihcations. We liave examined reasons for and lienefiLs of 
gelling eenihed as well as ihe tirsting experience and the 
clianges to Apple's fl* cerliiScalions that Leopard brings with it. 
INo%v we are going to review the exams reqihred h>i’ ACSP 
(Apple Certified Support Professional) and AC'IC (Apple 
Certified Teefinical Coordinator). We wall also discuss hew liest 
to prepare Co pass tliosc exams and become cerliried. 

ACSP & Support Essentials... 

Apple's first level certification for Mac OS X 10.5 is 
ACSP, Apple Cerrified Support Professional, The exam will 
be available starling in February ai Apple Amhorized 
'I'raining Centers aiul Prometiic testing centers, and will be 
approximately 80 to tOO quest ions in length, fhe te.st 
verifies ilial you have a core understanding of Mac OS X 
functionality and that yott can successfully eonfigiire the 
key services. It is also expected that you can implement 
basic iroiib]e.shooiing and to aid users witli the essential 
capabilities of Mac OS X. 

More specific areas covered by the exam are broken 
down into ten categories. Those ten categories happen to lie 
the same number of cha[)tLTS in the Peachpit Press book, 
Apple Training Series: Mac OS X Support Es.sentiaIs (2^^^ 
Edition), ISHN^^ 0321489810. Correspondingly^ those ten 
categories are also I lie same number of lessons in the Apple 
Training class Mac OS X Support EssentiaLs vlO.5. The 
classes are only available at Apple Authorized Training 
Centers. To find one near yr>ig vi.sit 
http://framing,apple.conn and click on Locations. 

Before I take y(>u through the ten categories, lets 
examine two ways to prepare Uk the certification exam. The 
first, of course, Ls the Peachpit book. Kevin M. White is the 
editor of the Suppon Es.sential,s Book for Mae OS X 10.5. 


Each chapter ()f the book begins by providing an eslimate 
of the length of time it might take one to read the 
information and complete the exercises. Each chapter 
concludes wath a ILsi of acklitional resources an<l a f|uiz to 
help you review the material covered. The lx>ok is more 
than just an “l:xam Cram” giving you just enough to pas.s the 
test puhlication. It is a solid reference for those looking to 
build ilieir skills and gain a heticu understanding of Mae OS 
X and how to support it. I'he book has the combination of 
information and handson exercises that can help you 
niasier the skills and concepts needed. If you are a visual 
learner and can absorl) teclmical concepts by jusl reading, 
this may be all ihe preparation you need to pass the test and 
gel c'eriified as an ACSP. 

However since we all have different learning styles, this 
brings us to the next wxiy to prepare for certification: leader 
in.siructor-led training. Mac OS X Support Esseniials is a 
three-day hands-on course that is a comhination of 
interactive lectures and case study exerdse,s that offer 
students real-world dial lengths and support scenarios. In a 
classroom situation, you have the benefit of not only asking 
questions of the Apple Certified Trainer, but also interacting 
with other students who bring (heir own points of view, 
knowledge, and experience in the fieUI. Furthermore, the 
cla.ssroom is a .safe place to experiment witli the technology 
(without endangering a production machine) and a safe 
place to ask questions about concepts or procedures that 
aren't readily clear fruiii simply reading a h(x>k. If you 
decide to take a course and are evaluating training centers, 
ask for an instructor who does more than teach - someone 
who also works in the industry supporting clients in llie real 
world. Often, some of the most valuable information you 
will get from the course are the practical real world 
experiences and the .solutions di sex we red in the process of 
supporting the Maeinuxsh. 
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Today is o 
heading tc 
flying horr 
weeks her 
spectactiU 

Fric' 



Today is our last day in Halkidiki, Welt be 
heading to the airport in a few hours and 
flying home. We spent two wonderful 
weeks here* Yesterday's trip to Athos was 
spectacular! 



We are qc 
several oli 
be able to 
ground. 



We are going to visit Mount Athos today. It has 
several old monasteries but unfortunately, we won't 
be able to leave the boat and set our feet on the 
ground. 


In the old days, if you were designing web pages, 
you had two choices: 

a) make the type Look good using a bitmap — 
and Lose the abiLity to have your text indexed, 
searched, copied, or speLL-checked, or 

b) use a generic web font 

That's history. With Photofont technoLogy, your 
website can boast impressive typography, yet keep 
aLL the advantages of standard HTML text. 

Test it yourseLf at 

http://www.photofont.com 


Copyright ® 2007 by Fontlab Ltd. Inc, BitFonter*, FontLab", Photofont*, TypeTool'" Fontographer"*, 

FontLab Studio^* AsisFont Studio™, TransType’^” are registered trademarks of FontLab Ltd. Inc. InDesign® 
and Photoshop* are registered trademarks of Adobe Systems, Inc QuarkXPress* Is a trademark of Quark kic- 


WEB TYPOGRAPHY 

Photofont* WebReady™ 
Lets you format web 
headlines and other short 
web texts with any fonts 
available on your computer 
without damaging the 
original HTML. So that you 
can still search and copy 
the text. 

Virtually every user will see 
your website the way you 
intend it. And search engines 
such as Google will Like your 
pages, too! 

COLOR TYPOGRAPHY 

But Photofont® technology 
allows you to use more 
than just the normal 
fonts. You can also use 
photofonts with full color 
or grayscale, gradients, 
transparency and cool 
effects. 

With BitPonter’’”. you can 
make photofonts out of any 
digital image. Perfect for 
Illustrators, scrapbookers, 
photographers or 
calligraphers. 

PRINT TYPOGRAPHY 

Our Photofont® plugins 
for Adobe Photoshop®, 
Adobe InDesign® and 
QuarkXPress* allow you 
to use photofonts in any 
print publication as well as 
in web graphics. 

FONT EDITOR 
HEADQUARTERS 

Fontlab Ltd. is the world 
leader in font editors 
and converters: 

Type! ool™, TransType’’”. 
Fontographer™, 

Fontlab Studio™, 

AsiaFont Studio™. 

VISIT US AT 

WWW. fontlab,com 
w ww ph otofo nt. com 

















Categories Covered in Support 
Essentials Exam 

So let's get hack to die ten categories covered by tlie Support 
Essentials exam. ITie first one covers aspects of instjdJing JViac OS 
X. It is iin|X>rtant to know liic Irasc rc(|iiinenienLs for a machine on 
which Leopard installed. It is also essential to understand liow to 
trcHibleshcxiT an iiasucmsshil iastallation and verify a good one. 
The sca>nd category’ addresses tine way.s to create, manage and 
secure user accounts in Mac OS X. 

The next two categories are file systems and file management. 
You should know how to manage the file systems supported by 
Mac OS X and how to handle penui.ssions and ownei^fiip of the 
files and directories. One of the key aieas in of troubleslicxitirig Ls 
undei-sLanding the file system layout, where things lielong and 
why. You also need to know liow files are stoa.*d (i.e., packages, 
pILsts, re.sources, images, etc)* 

The fifth area deals with appliaitioas. You need to undetstand 
the diflerences iKtween a dnix pnK.x;.s,s and an end-user GUlactnal 
applic’ation. It is key to know whicli tools am help yt>u immitor, 
troubleshoot, and mantige those processes and applicatioas. 

Next up is neiwork configunuion. Tliere is more than one 
way to connccl a Mac to another niat:hine. These tkys, no Mac is 
an island; most computers are connected to at least to aone 
network, if not ihe Internet. You should understand network 
prottxrols, projKT network configuration and troubleshooting 
tlicxse connections. 


The next mo areas are accessing and providing nem^ork 
services, Tlie Mac is a gtxxJ network cilixen and can connect to a 
variety of different network ser\ices. It can also [irovide diose 
services to other machines. You will nec^ to know wliat services 
and proUxxils are supported, as well as ht^w to configure and 
troubleshoot those services. 

The peripherals aitegory covers all the devices you can 
physiolly or wirelessly cx>nnet1 to your Mac, in addition to 
printing and faxing. To suj>[30rt |X^ri[>herjJs ytru need tti know how 
they are conneaed and how they are supjxirted liy tlie oiieratiiig 
sysiem. 

Lastly we deal witli the Mac OS X startup prcxess. By 
knowing w^hat Ls going on during die startup prcx:ess you am 
lx!trer determine what area is being adected if a problem is 
encouniercxl during tliat pR>£.ess. You need to undersland all the 
phases of die Mac startup sequence* 

To reiterate the caLegories: 

Installation 

User Accounts 

File Systems 

File Management 

Applications 

Network Configuration 

Accessing Network Services 

Providing Network Services 

Peripherals 

Startup Process 
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Say hello to 

storage4mac .com 
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Short Term Computer Needs? 


• Latest Apple Technology 

• Legacy Macs 

• Windows Computers 



Mac Rentals 


Event Technology Services 



• Rent One or Hundreds 

• Audiovisual Gear 

• Projectors, Plasmas, LCDs 

• B&W & Color Copiers 



• Name Brands 

• Nationwide Delivery 

• Professional Setup 

• Onsite Technicians 

• Same Day Service 



• Compatibility & Compliance Testing 

• Short Term Projects, Production Needs 

• Trade Shows, Conventions, Corporate Events 

• Trainings Sessions, Classrooms 

• Fortune 100 and Educational P.O.'s Accepted! 


Toll Free 


800-756-6227 

Outside us/Canada; 858-454-8535 


For Online Quote Request, Visit: 

www.madcomputing.com 

Largest Apple Rental Inventory in the U.S.! 













A man: list of exam (>t>jeclivL‘S will alstt lx? in the 

Skills Assessment Guide (SAG) for the exam when that 
becomes available on the Apple Training website, 
http://training,apple,com/, As there was for the Support 
lis,senti;tls vl0,4 exam, tiiere may also lx? a Sani]>le 'lest with a few 
qiiestioas to give you a lx:tter idea of what to expea on the exam. 
Tlte SAG is a great review tool you can iLse with tlie Ixiok and/or 
following the training class. Alter you have piissed Support 
Essentials you are on your way to tlie next milestone on the toad 
to Ap[)le certification: Apple Cenified Techniail 
C(x)ixlinateorCcx:)rdinatc>r, or ACTC. 

A(TC &: Server Essentials Exam 

ACIG certifiaition is granled when you pass lx>th the Mac 
OS X Support Pisscntiais vlO.S Exam and the Mac OS X Server 
pAscnlials vl05 Exam. An ACTC is expedetl (o not only know 
how to work with and suppod Mac OS X client, but also set up 
and maintain Mat^ OS X Server. Tlie Ifeachpit book based on 
Mac OS X Server vlO.S: Apple draining Series: Mac OS X Server 
Essentials (2'^^ Edition) was edited by Sthoun Regan, a name 
well regarded in the Mac IT industry (ISBN^ 032149(i60i). 

Again, you can take the self-study approach lo ACTTC and 
Serv'CT Essentials, but you will need two com[)uters: one 
amning Mac t)S X client and the odier aintti ng Mac OS X 
Server. Mac OS X Server costs (499 tor 10 Dser Licenses and 
only $999 for Llalimiied User Licenses. This could be price 
limiting lor most people. In c'ontrasl many Apfile Authorized 
'ITaining Centers not only have the two machines for each 
student, l>ut some will actually u.se X.serveH as the server for the 
course exercises. This might Ix^ another deciding factor in 
where you would like io take your training course. 

Categories Covered in Server 
Essentials Exam 

There are also ten basic categories in the Server Ejvsentials 
exam and materials. In the cia,ss, there is an eleventh lesson that 
is the challenge. U builds u|xm the knowledge and skills you 
have learned throughout the class and gives ytJU a ixral world 
task to implement with multiple machines working 
collaboratively. 

The first category is installation and configumtron. It also 
cavers the basic server administnilion tools. Of course, 
troubleshooting installation issues is also a key part. Ihe next is 
providing DNS. DNS is tnily the glue that most network stirvices 
rely ujxjn to function properly. 

The third area <x)vercd is authenticaikm, autlioriz;Uion and 
access control. It is extremely im|X)rtant to know how Mac^ OS 
X Server handles these concepts of proving who you are and 
what you are allowed to do on the server and network. Open 
Direi'tory is the fourtli topic, and deals with providing directory 
services, single stgn-on and an mtroduction to Kerl)cTos. 

Tlie next two atregories are file services and mail services. 
Eile services are amcmg the key uses (reasons?) for a server. You 
will need to undcTsiand what prouxols Mac OS X .Server 


provides and Iram how to manage and irouhle-shcxk them as 
well. Email is also a rn;tjor use of a server. You should 
understand how to configure, maintain, and troubleshoot mail 
service on Mac OS X Server. 

Web service and collaliorative services are Lite next two 
categories. How to host multiple sites and provide Wel>DAV 
service are critiaiL Two of the colIalx>rafive services btiild upon 
the web server. Wikis and bltJgs extend Mac OS X Servers web 
.service to provide rich smiple collalKiraLive services. iCal 
services and iChat services will also need to l)e understorKl. 

Next to last, we have deployment, tising Mat' OS X Server 
Nell KH>t/Netinstall to deploy Mac OS X to oilier machines. You 
will need to know^ not only how L£> configure tlie service but 
also troubleshtioLing issues. 

Finally ihe lemli lesson deals with managing accounts. Pan 
t>f Oj>en Directory is rhe ability to manage preferences and 
network views for your users. You should understand how^ \o 
manage users this way and troubleshrxu that management. 

To reiterate rhe aitegorics: 

Installation and Configuration 
Providing DNS Service 

Authentication^ Authorization, and Access Control 

Open Directory 

File Services 

Mail Service 

Web Service 

Collaborative Services 

Deployment Solutions 

Managing Accounts 

Challenge (only in the class) 

When you pass l>f)th the Support Essentials vlO.> and 
Server Essentials vlt),5 exams, you will be an ACSP 10.5 (Apple 
(certified Support lhx)fessit>nal) and an ACIG 10.5 (Apple 
Certified Technical Coordinator). Anti[>o note that the Server 
Essentials vl0,5 exam applies toward your ACSA 10.5 (Apple 
Ortified System AdminisinuorJ certification. 

In the next article we .should will liave more detailed 
information about ihe re<tuirements for the ACSA 10.5 
certific ation. We will discuss the kinds of topics cfwered on the 
several exams required for the ACSA, and what resources are 
available to help yoLi prepare for iheni. Tiiose restjurces will, of 
course, will include Apjjle Authorized 'I'raining C-enter clas^ses 
and lKK>ks. 
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For Mac OS X 


Xserve (Intel & G 5 ) 
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Lithium Network Monitoring Platform 

Lithium can now monitor your Xserve, Xserve RAID, 
Qlogic switches. Airports, Mac OS X Server... 
and everything else in your network. 




www.lithiumcorp.com 
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Mac in the Shell 

by Edward Marczak 


Mass Remote 
Management 
with dshell 

Or, mass remote 
management without ARD 

\ __ J 


Introduction 

A ffatiirL* articic this nK)nth covers methods to mamige an 
amiy of Macs post~iiepkwmem, In other words, ajlir they’ve 
l:x^en imaged and rolled out to the masses. Tlic prtxlucts and 
methexis listed lliere are certainly applicable and appropriate for 
many situations. I'm going to descrilie yet another inethcxl tliat 
aaiies in handy in other situations, clsh, the distributed shell, can 
run a command ovtr groups of machines that you sfxx'ily. It 
performs iliis magic over ssli, so, you can affect machines over 
LAN or WAN links, near or fat Since OS X and other machines 
have ssh in their hise distribution, yrHJ t^an command aaxKs 
platforms. 'Iliis article explains Ik>\v you. tix>. c^n send oitt 
commands to all or a group of your Mac^ - simultaneously -- w\ih 
a single press of the terum key. 

Getting the Goods 

While there are many nice apps in the base distribution of 
OS X, dsh is not one of them, dsh Ls an agentless mntrolling app, 
so fortunately, you only need to retrieve, compile and install on 
one host, or any admin station that you need. You’ll need a 
compiler on some station to compile the prognim - typically 
meaning having Apple’s developer tools iastallecL 

'Iwo downlaids are needed to get ns g<ring. Visit this [rage: 
http://www.netfDrt,gr.jp/-dancer/5oftwam/downloads/lisLcgi 
and retrieve the latest versions of dsh and iibdshconftg. As of this 
writing, they are: 

http://vvww.netfort.gf, jp/^dancer/software/down loads/dsh- 
0.25,9.lDr.gz 

http://www.netfort.gtjp/ 'Hdancer/softwore/ downloads/1 ibdshconf 
ig'0,20.9.tar.g2 

It's Ciisy to take care of etmything while in termin:il: just use curl 
to downlcxicl the files needed (use “curl -0 http;//. 


tar Hi unpack (tar xzvf f ilenaite) and liien ifs simple to 
compile. Both pieces of code compQe cleanly in OS X 10.4 and 
10.5, and iristall in /usr/kx:al by default. Enter the libdshconfig 
directory ihaL you just unpacked, and simply enter the following 
commands (your entries in bold): 

$ . /cemfigure 

checkiag for a BSD cofflpat Hale Install.*. /usr/bin/install c 
[outpm snipped] 

config.status: creating Makefne 

cesnf ig. status: creating config. h 

config.statusr executing dopflles commands 

$ loake 

make all-am 

[output snipped/ 

creating libdshconfig.la 

(cd .libs rm -f libdshconfig.la && in -s 

../llbdshcoQfig.la libdshconfig.la) 

$ sudo make iiista.ll 
Password: 

/bin/sh ./nikinstalIdlrs /ust/local/lib 
[output snipped! 

/usr/bin/lns Lall c in 644 I ibdshconf ig,h 
/usr/iocal/include/libdehconfig.h 

Next, we need to do the s:ime fi>r tlsh Change into the 
dsh directory you nnpac'keti, and rc^x-at die same process that 
you just went ihnsugh lor lilxlshconfig (configure, make, sudo 
make install), Tlie entire prexess should take you less than 5 
minutes, literally. 

While you can alter the inslall directory, I recommend that 
you leave the default VLilues, and have the binaries and config 
Hies installed under /usr/locul. I ll be referencing that as die 
install location diroughout this article. 

You <“an verify installation by typing 
“/usr/local/bin/dsh” You should he told, “dsli: no 
machine specified", and dsh would right. 

The configuration 

Now that we fiave dsh installed on our adminLstmrive 
machine, how do we use it? Fortunately, under Ijeopard, 
/usr/locaf is a 'blessed' location, and is already in our $^1ANPAT1L 
If you’re using 10.4, you'll need to add Vusr/loail/sliaie/man" to 
$MANPATH and cxjxirT it, or a*-souiix* your init file. cLsli comes 
wiili some short-but-usefiil man pages. First, well nccxl to update 
the txinfiguration file. 

If you left each application take the dehiuli values during 
Uieir configure stage* and I recommend that you do, you’ll find 
the niiiin config file at /usr/IcKal/etc/dsft.cxinf. We need to make 
one change to This file. So, whip out your Favorite text editor, and 
change die line that reads: 

remoteshell “rsh 

to read: 

remotesb^^li “ssh 
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eSellerate. Complete. 

Begin defining your strategies at http://www.esellerate.net/mactech 




eSellerat€, the same team that brought you Installer Vise. 


eSellerate is a registered trademark of MtndVision, Inc - a Digital River Company. 







(If ytxfre daring, this can l>e achieved in one line witli sed^ sudo 
Bed -i *back s/rsh/ssh/ dsh.conf). Yon may also want 
ro change the ‘"waitshell” value from ""1^ to “0”. With a setting (>f 
1, dsh will hlcKk execution until die previous machine has 
returned. As 1 said, you may want to change this. It’s really 
applicable for very large rollouts. There's a man page available 
for the configuration file accessible with “man dsli.c-onf". 

Determining the Target Machines 

Before we continue, we need to take a step Irack and plan 
things out a bit. We need to determine which machines weVe g^.)ing 
to taigeting. Since weVe clxxsen ,s.sli as tJie tenioie mechanism, 
each rmcliii^e tiiat we’re going to want to control needs ssh enabled. 
Now u days, this is the default for most platforms and distributions. 
Tliai siiid, unless wc wdul to enter our t)asswo!d eacli time we make 
a dsh run, we’re going to wunt to cTeate a public key and instaD it 
on my mttchine di;it we want to administer. Also, we also need a 
list of axmputers \hy dsh. Tills list hiskully tells dsh, I1C7 - run this 
command tin all of lliese mad lines" 

ssh was covered extensively in this column in the Octolier 
2007 Issue, bur, as a tiuitk refresher, here’s the secjuence of 
creating a public key for ssh’s use: 

S ssh-keygen 

Generating public/private rsa key pair. 

Kilter file in which to save the key 
(/Users/admin/.Esh/id_rsa): 

Knter passpbrase (empty for no passphrase): 

Enter same passphrase again; 

Your identification has been saved in 


/Users/adral n/ -SSh/ . 

Your public key has bean saved in 
/Usors/admin/*ssh / i£l_rsa .pub. 

The key fingerprint is: 

6e:^b;ca;^i5 :2d-c7:3d; I4:d2:34: lerad :45Ta5;fc:8e admin@inachine- 
name. local 

In this sequeac'e, you simply press enter when asked for the 
passphra.se and to verify. Notice that ihe ourpui tells you that 
“your public: key has txxfn saved in,..”. Change directory to 
-“/.ssh. We necxl to copy tlie contents of the newly generated 
id^fsa.puh file to each machine thar we’re gt^ing lo manage. 
Forlunalely, this is a one-time step. 

Easiest instructions to write; ssh to the machine you’re going 
to target, using the admin-level account that you’ll Ix; running 
remote commands with; 

ssh admln@remote.example.com 
Once in, nro this command: 

ssh user@itiy .mschille.curn “cat .ssli/id_r.Ba. [itih*' » 

^/.E 2 h/a uth u rized_ke ys 

where ’user’ is the user account that you just had generate the key 
Ibr, and “my.machtne.com” is the machine where that user id 
resides - likely ilie inaciiine you're on right mm Once done, 
ryjx exit, and dieii try to ssh again. Ihis time, yt>u sliould not be 
asketl ibr a [password, but miher, simply receive a remore shelf 
In the twnt ilkii you cannot ssh back to your tiiacliitie, you 
c:an always manually copy your key Lo llie remote machine and 
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Upgrading to Leopard? 


Don’t forget to feed the beast. 

upgrade your system memory with Mushkin PerfectMatch to get the most out of OS-X Leopard 

Its a jungle out there when it comes to operating system upgrades and the ever increasing minimum system requirements 
for optimal performance. Now* with Mushktn PerfectMatch memory, you won’t have to play guessing games and choose 
between the increased functionality of Leopard and your current version of OS-X 

Because every PerfectMatch Apple memory module is built from components carefully selected to provide true compatibility 
and match or exceed the performance of the original Apple memory installed at the factory. Which means you can tame the 
beast and confidently and easily upgrade the performance of your system to run Leopard 
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Memory to match your system perfectly. 

€ Guaranteed, 100% Compatibi/fty 

Every PerfectMatch module is guaranteed to match or exceed the performance of the 
original memory installed at the factory. 

C Sav^e hundreds of dollars over the price of a new Mac 

Mushkin PerfectMatch memory upgrades provide an easy and inexpensive way to 
optimize overall performance. 


0 Taking care of your company’s road warriors? 

Now you can cater to your laptop users’ voracious appetite for RAM and enhance their 
mobile computing lifestyle. 

0 Your creative genius just met its match. 

Upgrading wrth PerfectMatch memory increases performance in memory-hogging 
multimedia applications. 
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add its conienLs Lo die ~/.ssh/audiorized_keys file on the target 
account. Tor more about ssh, creating ssh keys and 
troubleshcx^iing, see my ssh anicle in the Octoixjr 200 issue of 
MacTech Magazine. 

While you ttre accessing each remote macliine, you need to 
keqi a list of the aa'oiinr that yoifne accessing ii wiili, and ius fully 
qualified domain name (FQDN) or IP address. Once complete, take 
lliLs list and eiitcT it into /iisr/ltKal/etc/imchines.lisi in this fonmi: 

/tt^T/to<Mi/eU^rmtcbines. I isi 

nyadmln@ny,radiotope .com 
caadmn^ca. radiotope .com 
fladiti io@f 1 , radiotope.coin 
azadmin^az.radiotope.cora 

Now comes die fun part! 

Spreading the Joy 

Let's Stan with a easy one: viewuig the uptime statistics on all 
of the machine's weVe idenUhed. This is as e^Lsy as 

$ dsh -a tiptlme 

lfi:3S up 1^1 day£i, 9:27* 2 users, load averages: 0.19 0.13 
0.16 

16:33 up 59 days, 7;09. 1 user, load averages: 0.02 0.02 

0.00 

13:42 up 93 days. 3:25. 2 users, load averages; 0.02 0.02 
0.00 

1:39PM up 213 days, 4:01. 0 users, load averagest 0.12, 

O.OS. 0.04 


It’s a complete t:oint:idence dial diose are in order of uptime! 
Htnvever, that rai;>es tile question: wliat otder are they in? The 
M'* switch will prejx^od the machine mime l^efbre its output. Let's 
see that in action: 

$ dsh -M -a uptime 

nyadmlnSny.radiotope.com: 16:41 tip 14 days, 9:30, 2 users, 

load averages: 0.4y 0,27 0,21 

flafirtiin@fl.tadiotope.com: 16:41 up 59 days. 7:12, 1 user, 

load averages: 0.00 0.00 0.00 

azadmin@az.radiotope. com: 13:45 up 93 days, 3:20, 2 users, 

load averages: 0.01 0.02 0.00 

caadMin@ca.radiatope.cora: 1:42PH up 213 days. 4:04, 0 
users, load averages: 0.04. 0.0/. 0.04 

Jliere, that's ;i little Ixttier. Ttie “-a" swiLt:h tells dsh U> run the 
command against all machines tJiat weVe defined. 

If you opted to not use a waitshell - your conflg file still has 
the line Vaitshdl =V - you am override ihi.s ai runiinie using the 
switch. Also, if llicrels a macliine lliai you have no! added to 
yuur machines.lisi file, but want to use it ad-hoc, use the “-m'' 
sivitch. Combining all of these options would look like this: 

$ dsh -W -c -m txadmln^tx. radio tope .com -a 'last | head -1' 

f lailifiLni'fl .radiotope.coni: fladMitii ttypO 192.168.70.108 

Thu Nov 29 15:22 ’ 15:22 (00:00) 

caadiiiln@caadtiij n. rad I o cope, coim: caadmin ttypl 

192,168.70.103 Thu Nov 29 15:C9 15:09 (00:00) 

riy ad mi o@T>y. radio lope. com: uyadmln rtyp2 192,168.70.108 

Thu Nov 29 12:29 - 12:29 (00:00) 

Password: 

tjcadmi n@t:t. radiotope. com: root ttysOOO wl. z2. nyc - 


Is your business drowning in e-mail? 



MailTank is your solution. Try it free. 


Learn more at http://mailtank.com or call 877-622-8265 






The killer app for the Mac 
is better than ever! 

Parallels® Desktop 3.0 for Mac is here. 



hvmikitlnl 



With Parallels'^ Desktop 3.0 for IVtaCr you can; 

• Automaticaliy open Windows files with Mac software and Mac files with Windows software 

• 'Bulletproof'your virtual machine from Windows system crashes and malware 

• Run selected Windows-only 3D games and applications with 3D graphics support 

• Browse through Windows hies and folders without launching Windows 


nreoFT 

UU PARALLELS' 


Parallels'* Desktop 3.0 for Mac provides even more ground¬ 
breaking features and capaNlities than previous versions. 
Already the top-ranked software on PC World's "Best 100 
Products of 2007" list. Parallels** Desktop continues to drive 
innovation in desktop virtualization. 

Want better Windows and Mac Integration? Want to run the 
hottest PC games and graphics software? Worried about 


security and system mishaps? Paralleis* Desktop 3.0 for Mac 
includes 50+ new features and enhancements, including a 
number of Integration features and virtual machine utilities 
unavailable anywhere else. 

To discover why Parallels'^ Desktop is tire leading solution for 
running Windows on a Mac, visit www.parallels.com or call us 
at t (425) 282-640S. 


Download a trial today at www.parallels.com/downloacl 



Website » www.parallets.CQm Email - sales#paralle)$.C 0 in Phone - 1 (42S) 282-6405 































ay,ejuuiiple.ti^t T\m Nov 29 09:29 09:35 (00:05) 

fladmiR§fl-radiotope.com: fiadndn ttypO 10.0.2.J 

Thu Nov 29 13:37 13:37 (00:00) 

In one fell swoop, this mas the command “last | head -T on all 
macliine defined in our ntuchinesdisi file and additionally tjn 
"LxTadiolojxr.com’'. You1l see die "Password:” piompt in the 
output alx>ve as tx.mdiotope,com wasn’t preconfigured and Is 
using password aiithentit':Hion. Omv the (c'orred) p;ls.sw(jkI i.s 
entered, it lia^ifiily gives us liie output we’re i(x>king foi; just like 
the otlier machines. 

Final Tips 

dsh is useful enmtgh aln^ady, hut how am we make our lives 
even eiisier? First, you may nt)i always want \o run all commands 
on all machines. Tliea^ aie two ways around dils. One way Ls to 
use a group file. Simply crane a file using the s;ime Idnnat as 
machinesJist and store it in /nsr/loeal/etc/grcnip/gnjupnamc. So, 
let's say we wanted to target all of our West Coast servers. We 
could crane /usr/loait/eEc/gn>upAvest_coast and add to it: 

/iur/toea^tlt/^$tf/we>tja>^ 

waadiiin§W3. tadiutope. com 
caadmiii^ca, radlytope ,coii 
oradmin^or. radiotope.coii 


Grow Your Revenue 

with the 

Edgeos Security Services Platform 


Your expertise combined with the Edgeos platform 
enables you to provide Secunty Services to all of your 
customers, building loyalty and recurring revenue. 

Your security services for Your customers: 

• Comprenensivo private Idbeiing that enhances your brand 
and provides o seamless cusforner experience. 

• Sinn pie. scalable pricing that is aftordable for your business 
and ensures you remain profitable. 

• Robust scanning ertgine and extensive reporting to facilitate 
regulotory/standards compliance. 

• Easy to set up, use, grow and manoge. You can focus on 
what you do best. 

Visit www.edgeos.com/moctech/ today to view the 
demo ond signup for a free evaluation account. 


security services platform 
www.ecSgBOs.CQm/rivactech 

866.334.3671 



target your customers security 


Now, we on nin commands agaiasi ju.sl (lus 

$ dsh -K -g we£l_€oast v 

This will give us “who” (w) itifonnaiit^n troiii each server in the 
“west^coasf group, 

Also, you can specify hill server ILst.s in an ad-hoc fashion. 
Craac a file using liie machines.list foniiat, and sfK^cify it with the 
“-r switch. 

Nicely, if a machine definiiion ends up in multiple files, 
s|>ccifying it multiple times will ix* reduced to a single invocation. 

'llie real magic here is that all input to dsh are simple text 
tiles. Decisions can be. made, results gmNxxl from a database, files 
created on the fly and commiind.s send to appropriate groups of 
machines. 'Iliink alxjut how you could group machines: by 
Ux^aiion, by service Cwei>, directory services), by class (PPG, dual- 
prex), by ust‘ (adminlstnuive, devek^pnient), etc. 

In Condusion... 

Despite Uie sul>hc“ad, 1 don’t Ixlieve dsh Ls meant to replace 
ARD, However, for server management, it may fit into your 
wfjrktkw lietter mul can reach out to machines that ARD c^m't 
touch (think Linux or BSD servers...even Windows, with llie rigllt 
software and niind.sel). This can give you some incredible control 
over annies of machines. You have Ml the flower of a shell on 
the remote niachtne. You can be very ertnilive anti powerful with 
tills! 

Until 1 found tlshell, I used to do something similar by tesing 
a for loop to exeaite commands acft>s.s macliinej^: 

for i in "cat servers,txt': do 
ssh root:@Si KofTwarettpdate -1 -a 
done 


However dsh has Ixxiai thougiit out tnuch more rlian the 
'‘ford{K>p-solution“ and Ls much more extenrlilile. 

l >on't run dsh in your prcxlutlion enviremment until you read 
die man page, wliidi deUuls some other ofitions for limiting how 
many remote machines are accessed at any given time. (look for 
the -N and -F options, spedfinilly). 

Media of the month: Wall WhIlmarL 7he Compkte 
Start the year t)ff writh some poetiy - es|>ecially if it’s not your 
usual fare. Wall Wliitman doesn't do it for you? Check out James 
Joyt'e or Emily Dickenstm - there are anming gems in that 
timeless writing. 

Happy New Year! 



• About The Author 

IdMaraak b the owner of Rar&rtope, o tednndogy 
sobiRon provbkr. He a also a hosboHl, father md 
avid wearer of pants, taf-f /dev/brmat 
hlip://v/ww.rodiotope.com/writing 
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10 Reasons Why 
Servoy is a Good 

Alternative to 
FileMaker Pro 


1. Scalable 

Scales WAY beyond 250 Users- and there 
is no limit to the number of "files open." 

2. Stable 

Servoy is not a database.lt will never corrupt 
your data becuase all your data is stored in 
one or more SQL databases. 

3. Linux Compatible 

Run Developer, Cl lent and Server on Linux, 
Solaris, Mac, Windows, AIX and more. 

4. AJAX Web Client 

Automatically deploy your solution to the 
web with a full AJAX client with zero code 
and even includes data broadcasting in the 
browser to LAN clients and other web users. 

5. Version Control 

You can roll out and roll back multiple 
releases - live with clients connected. 


6. Object Events 

Automatically change your user interface 
(dim fields, hide objects, etc). 

7. Standards-Based 

Servoy is based on industry standards Java, 
JavaScript, XML, AJAX, HTTP,SQL, SOAp 
HTML, RTF, PDF, and more. 

S.True SQL Front End 

No more having to use ODBC on the client, 
no SQL manual scripts - it's automatic, 

9. Logic & Data Separation 

Updating your solution means NOT having 
to import any data at all. You're only updat¬ 
ing the functionality within your solution, 
and you can deploy right over the web. 

10. Flexibility 

You can use any SQL database you want - 
even use several at once. 


SERVOY 

Download a FREE trial at: www.servoy.com/mactech 
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Detail of Appfe-Qualified OWCheat i 
spreaders for Mac Pro Quad Xeon 1 


I owe offers rtiermory tr.vlf* m ft''hiHC!S'| 
[Sce WWW, fflgfsafes jom for dgEails, j[ 


Atl memoiy fromOWC meets or exteeds Apple's specifkailtons aivd is backed by a 30 day money-back guarantee and LiFETHVlE Advamie Replacement War rarity ► 


I MEMORY UPGRADES 


ww w, maesa I esxof^Vmemory 

owe Mac Pro S-core/Quad-core Memory 

1GB, 2GB(r 4GB Matched Sets for up to 32*06 B 
Mac Pro Upgrades from $4437 per G8 

owe Mac PraS^cora/Quad'Core Memory 

Fully tested and certified to meet or exceed all Apple 
specifications for use in Mac Pro for a lifetime of 
pr\ F ;rnnance. OWC Memory includes the use-of actual 
A p p le- y ua I IF ed. H rea d e rs lo-erisure. yo u ut.) 


We have the right memory for your Mac' 

owe has memory for nearly every Mac 
including G3,G4, and G5I . 





2.5" SATA 

160GB and up to 
320GB from $99.97 


3.5" SATA I/ll 

up to 1.0TB! 

300GB to 1.0TB from $69.99 



3.5"IDE/ATA 

80GB to 750GB from $44.00 
2S0GBffom $78.99 



2.5" IDE/ATA 

NOW up to 250GB! 
lOOGBfor $69.99 


"^LAPTOP BATTERIES AND CHARGERS; 
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NewerTech* 

2-Bay Battery 
Charger+Conditionen 

Delivers the longest 
runtimes and extends 
lifetime from PowerBoak^ 
^Book^ Mac Book ^ and 
MacSook Pro batteries. 
$14935 


ijviodbook; 



WWW iTidi. ".aiev ‘‘m f/newef tv >:h 


NuPower*"..Jhe highest capacity 
Power Bo ok and iBook 
replacement 
batteries PFRIODi 
from $99*95 
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Call or visit www.macsaies.com/mcidbook 

V___ 


f RxroTifajon modboort 

Mac Tablet Computing is here - NOWl 

133 ■ Display up to 4.0G6 Memory 
320GB HD, 2,2GHzCore 2 Duo, 

Apple OS 10.5 'Leopard'^' 


Mod boo 

from $2254 


Mac 



License 

t$122i99| 




SOPERDRIVES^ 

WWW mar. sa les.cii' niAu peid rives 




Internal SuperDrives for 
Desktops/Towers from $3435 


Internal SuperDrives for 
Apple Laptops fronri $109.99 


External SuperDrives 
USB 2.0/FireWire from $79.99 
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Featuredr 
iMac& 
MacBook ^ 
.Memory/ 


^^“Tharsa great deal!" 

-y -Da N a itiitton/Mac Obscrvfr'^ 


Memory for Applets InteP Macs 

Upgrade ^ple MacBook, MacBook Pro, iMac*, and 
Mac mini Core Duo/Solo, Core 2 Duo, and Core 2 
Extreme. Now up to 4.0GB Availafale!^ 

^ 1.0GBfrom$27.50 

gfk 2.0GB frorrv $59*99 

MB 3.0GB Upgrade Kit* $85,00 

gMf 4.0GB Upgrade Kit*^ $119.00** 
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GUARDIAN MAXIIViyS 
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Fun on Mac, 
Great Games 


Hie iatesi games 
from $19,99 


ProsoftData 
Rescue II 
TTie best Mac data 
recovery s< 3 fi ware 
on the market for 


ProsoK Drive 
Genius vT,5 

Maintain, manage, 
optimize, and repair 
your hard drives, fully 


recover ing files from compatifal e wi th G 3 / 
a problem hard drive. G4/G5 and Intel Macs. 



Only S75.99 
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‘ FireWire' 800/4<KfFUSB 1.0 
hlardware RAlD-1 (MirrOfed) 
Data Reduitdartt S^ution 

* tkiio f(JTBof!^agec4>aaty 

* Provides "Itve activity^ backup 
of aitk^ data 

* Phig arid Play sinirpJicrty on arty 
Mac Of PC 

2S0GB to 1 OTB from $329-99 

SOOGB ofW S399.t9 
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800 . 275.4576 




EXTERNAL STORAGE SOLUTIONS 


{FIREWIRE, USB, St nSATAJ 


sr 




Performance Plug and Play FireWire 
SOO/400, USB 2.0, & eSATA 


Mil' »Mt 

iTEgL>|l 




'#H3’ 



0 WCM«fcufyU[|«AL 
Pto 'QuBd lrrt«rfact' 

35c»Ge lo roTsiTorroGBf 
from SI 75,00 
Trip*' fWWfV-t() 0 U]SB 7 j 0 
80G« to 7S0CG 
fruflt I129.49 


owe Meicury On-Thfl^-Go 
FireWire, FireWire 
+USB2 0, USBiJO, 
USB20+eSATA 
SotmlofisuploasoGB 
front $87.99 


owe Neptune 
FW400 
frorrr $91.99 
2SPGB for $119.99 
SOOGB for S 169.99 


;oWCMefcuiy 


;fTom $229.99 


mlniSiack' vl rwatKvwnitvcisp/cvcyvlrt. 
SuEutlons up ro 1.0TB tIOOOGB! 
from SI S9.09 


w w w. IT lat. CO Mi/r j h J 

UptoS.OTBwith 
RAIOO, 1,3, S,6,10 

eSATA/FWSOO/USB2.0 

Solutions 




mOMtKimy 
Hack Pro Solutjoins 


Prwoft Engineefirtg' Data Badhup 3. 
MovjiStor Nova BACKUP", and Intodi" 
£p«d Tools 


...ji siffli viilu»nir:H 
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ifit*, Mtratry Otflh*-Ga, 
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Build your own drive 




3.5* Single Si 
Dual Kits 
from $49.80 


2.5" Portable Kits 
ffomS29.9S 



USB 2.0 UNIVERSAL 

DRIVE ADAPTER 


POWER MAC G4 - 

PROCESSOR UPGRADES 


www.macsales.com 



[l©!j510§iJ3arto[^^ 

(i®3 

From 60x, G3, GA, G5 to Intel Desktops, Towers, 
Laptops, and Alhin One, OWC has the Goods to 
Maximize Your Mac. 
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The Swiss Army Kn Ife of Disk Connectivity 


w ww jnac <a le5 com/^aste r 




Gives New Life fo 0/d Dn vesi 
Connect any 2,5', 35", 5.25" IDE 
and SATA device to your 
computer through your USB 
2.0 port. Easily transfer 
files from computer or 
notebookp back up files, or 
store large file archives on 
hard drives. Only $29.95 


for $199.00 
1.5GHz $259.99 
2.0GHz $399.99 
Dual 1.8GHz from S549.99 


Put a f aster processor 
in your Mac lor up to 
1BX the performance, 
fiom $175.00 
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ckups Using 


Time Machine Overview 



YouVe lit";ircl of *riint* Machine, right? One of Lc-ojyaal's 
must-ad veil ised new feanines, a complete [>ackup sedution stj 
simple even my Auol Agnes a>uld rise iL Jnsi plug in an external 
drive, and lxs)pard asks if you want to use it kn your Ivackiips. 
Click Yes, and then fVjrgei alxHit it. 

You won't find a lot of customixatinn. 'lake a ltx>k at the 
System Preferences. There are only lliree l>ullons. Yt>u can Uirn 
Time Machine on and od, select or change your backup drive, 
and clKX)se files or folders to ignore, Most jxs^ple will never 
need to touch ihe-se preferences, since Time Mat liinc provides 
reasonable defaults. It will back up your entire ItLird drive and 
any iniernat (Irives. but ignore any attached volumes. Once the 
initial backup is coni()lele, il wall make an incremental backup 
every houj; recording any and all ckinges. 


ShtMrjUl 


rttA« Muhirttr 



Time Machine 

OFF pWf ] ON 



Change Dtslt, .. 
Options 


home 'i -Mii 
AvailalMA 

OWwT twiiao: NcwfBtwr 2. 20^7 
LjItvM locliiip: TedJtv. 1:04 PM 

MbmI tUiLkmttq — 


Time MKhine 

* Mourlr twtkujjs tof xht paw |4 hwufi 
< DaHy EMflupt ter 4|ii« pkM ntomli 
■ ^ifkcy hukupi Niitir faar hwlrcjp cl1<ik ]| FulF 




CIlcK the teth 1& iei!«VHin Furthtr Chortgci. 




Unfortunately, 'Time Machine cannot backup a l*ile Vault 
protected home directory' while tliut account is logged in. Kile 
Vault u,sers also cannot bnmse their liistory' or restOR* individual 
nics. Instead, Kile Vault users must restore their entire directory 
using the Lc^jpard install disk. 

'1 ime Machine will keep hourly backups over tlie last 2A 
hours, daily backups over the la,st month and weekly backups 
forever, or at least uniil you run out of disk space. If *llme 


Mac:hine needs to fme up stsme space, it will begin deleting the 
oldest Irackups first. 

Ok, let's see who was jxiying attention. Show of hands, 
wh(> sees a problem here? Yep, the oldest backup was tlie only 
full backup of our entire ban! drive. Tie newer liackups simply 
record infomiatiirn that has changed. If we delete the oldest 
backups, w'on't we lose most t>f our infomialion? 

Not really. Tierels a little Unix magic going on under the 
covers here. But. Ixfore 1 explain that, let's l(X)k at how the 
backups are saved, 

Backup Format 

Time Mat'hine ,siores local backups in a folder named 
Backups.backujKili. Witliin Backups.backup<lb you will find 
more folders—t>ne lor each computer using this drive. Yes, 
multiple compuiers can hack up to the same drive. It just uses 
up disk space faster. 

Inside your computers foklen yt)U will find even more 
folders—one for each backup. The folders are labeled with the 
lime and date ol'iltai Ixtckuj) Kinaliy, inside each of these you 
will find your entire hard drive, 

Tiere are two important points here. First, the backups 
are not cncry^pied, compre.ssed or stnretl In an impenetrable 
binary format. You still need [jermission to access tlie files, so 
other tLsers can't browse through your backups, but fime 
Machine gives you Full access to all your files and foklet's. (Ed 
Note: Of course, these [yemtissiom only apfAy to the mmpnler 
that the drive tv conmxted Uk AU bets are off for 

imynme takiu^i^ ibis drive /o another computer, or, for auyime 
with admin leiKd access on your Time Machine computer. So. 
ix* cautious with this dnix^ ifwu batK^ artyserLKiiite dtUaJ 

That seems like a little thing, but this little thing w'anns my 
geeky heart. Apple has given us complete acces,s to our 
backups, That means third-party developers can create new 
uiilitie.s to work with 'Fime Machine. I can even brQW,se and 
restoiu old files by hand—not that Kd want to. But I can, and 
that makes me hap[>y. 
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^ HASP, ^e#l Choice of 
Sofh^re Developers Worldwide^ 

•Source; fnst « SuH/ran tl»fAf-70, 

../DCBu/fctin*14«2 


• ■ , 'V. ,;. 
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to unauthorized software use 


REINVENTING SOFTWARE PROTECTION & LICENSING 


Follow th# signs to HASP HL - 

the market's leading software DRM solution 


HASP HL provides the highest level of security for your software. Featuring 


easy-to-use tools, HASP HL automatically protects your software and enables 
new and innovative licensing options. 

• Strong copy f>rotection: Powerful 128-bit AES encryption provides 

a strong locking mechanism that ensures you get paid for every copy of 
your software in use. 

• Unmatched intellectual property protection: Automatically protects Windows 
executables, DLLs. Mac applications, and offers class-level obfuscation for.NET 
framework 2.0 applications Multiple encryption layers ensure your valuable IP 
remains unreachable and your R&D investment is protected. 

• Secure & flexible licensing: HASP HL enables a variety of secure and flexible 
licensing models and ensures end-users comply with software licensing terms. 


See for yourself why IDC ranks HASP #1. 

Request a Software Developer Kit today at vvvvw.Aladdin.com/StopPtracy_IVIT 


NORTH AMERICA: I-800-5S2-2543, 847-818-3800 
JUK • GERMANY • ISRAEL • BENELUX • FRANCE • 


SPAIN • ITALY • BRAZIL • INDIA ' CHINA > JAPAN 


e Aladdin Knowteda* System^ Ltd 4| I rIgSiti re«fv#d Aladdin and HASP a« reglstei^d tradem vIl] of 


Aladdin Knowlfdfi Ud- 
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Time Machine's backups t>niy have one real limilatiem, we 
cannot boot from them. However, this seems like a minor 
ciuihble. (n case of emergency, just b{)ot to the Leopard disk. 
From there, we c:an restore our entire system from any backup. 

OK, now for the second point: each backup folder 
contains an entire copy of your hard drive. 

Yes, you read that correctly. So, lets see. 1 have 70+ GB of 
semi-random data stored on my kif)top (don't a.sk why —Vm 
not sure myself). My backup drive can hold 500 GB. I'hat 
means 1 can make seven backups before my hard drive tills up, 
right? 

Wrong. This is where the Unix magic comes in. 
Remember, Time Machine only copies files that have 
changed since the previous backup. If a file has not 
changed. Time Machine simply makes a hard link to the old 
file. If nothing inside an entire folder has changed, it will 
make a hard link to the folder instead. 

So, what's a link, and why are they so hard? 

Links are the Unix equivalent of aliases. IFs a shortcut 
that points to a file or folder. You can make them from the 
command line using the In command. Type man In in the 
terminal for more details. 

Links come in two llavors: hard and soft. Soft links are 
almost identical to aliases. You can use them to access the 
original file, hut if the original file is deleted, the link will 
now point off into empty space. 

Hard links are something different. Special, in a wirchy 
sort of way. Frcmi Leopard’.s man page: ^'By default, In 
makes hard links, A hard link to a Ole is indistinguishable 
from the original directory entry; any changes to a file are 
effectively independent of the name used to reference the 
file. Hard links may not ncjrmally refer to directories and 
may not span file systems.'’ 

Basically a hard link creates another name for the 
information on disk. The original file name and each hard 
link point to the same information. You can delete the 
original file, and as long as at lea.st one other hard link 


remains, the information stays intact. All existing hard links 
can still access it—as far as they're concerned, nothing has 
changed. You liave only erased ihe original file name. 

]f you want to erase the file, you must erase all hard 
links to that File. You automatically erase the file with the 
last hard link. 

Apple has taken Unix liard links and mixed in a bit of 
their own black magic* As the man page suggested, hard 
links usually cannot point to directories. However, in 
Leopard they can. [Ed. Note: See Gre^ ^4ii^er's arlicle on 
DTrace in ihe Nm/emher issue of MacTech for more details 
on (bis This makes Time Machine considerably 

more efficient. If an entire directory tree is unchanged, 
Time Maciiine can make one hard link to ihc root of that 
tree. Without directory hard links, you would need one link 
for each and every file stored inside, 

,So, when we delete our oldest backup, weVe not 
necessarily erasing the information. If any other backups 
have a hard link to a given file or directory, that file or 
directory will remain untouched. Deleting the oldest 
backup only era.se infonnalion unique to that backup. 

This bit of magic makes it look like each and every 
backup contains a complete copy of our hard drive. 

You cannot see it using the Finder, but each backup 
folder also contains a hidden file named .backup,log. The.se 
logs record verbose runtime messages from the entire 
backup procedure. You can mine these logs for interesiing 
inforniation. ThLs inciude.s: the number changed items, the 
size of the changes, the amount of time spent performing 
each step of the procedure, and a list of all old backups that 
Time Machine deleted during cleanup. 

Browsing through the log files can give you a better 
feel for what lime Machine does under the hood. 
Unfortunately, Leopard's finder no longer has an opti<jn to 
show^ hidden files, so you will need to use a third party tool 
like Path Finder, or browse the files using the lerminal. 
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MPEG Layer 3 Stereo 44.1KHZ D 


ITunes 


Using WireTap Studio, you can record the discrete audio output of any 
application, as well as all system audio, or record audio input from any 
microphone, line-in, or audio input hardware. 

If you can hear it, WireTap Studio can record it. 
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Merlin 2 


Project 
Management 
with 
a bit of 
Magic! 


Just three out of hundreds of features: 

Network-based Project Management 

Collaborate with others on the same 
project over the network. Just with a 
single mouse click. 


Automatic sync to iCal 

Sync your projects to iCal and then 
onto your iPhone or any other 
mobile device. 


Professional Cost Calculation 


ProjectWizards 

Merlin 2 is built from 
project managers for 
project managers. 



Define Budgets top-down or bottom 
up and compare them to planned vs. 
actual costs. 


Get your free demo version now! 
www.merlin2.net 


But how does it know what to 
back up? 

Ol^viou.s|y Time Mtichine canna scan every file on your hircl 
drive once each houc Most iTnirkiip .software sjwcs ciaziacss like 
ihLs ft)r 4:00 a.m. (or 4:{X) p.m. if ytHJ’ie a niglil owl). Instead, Apple 
uses the new' PSEvenLs franiew'ork to efficiently detemiine which 
files hiive changed. 

Apple designed the RSEvenLs Aid Lo pas.sively monitor 
large sections of your file system. When a change occurs, 
F.SEvents notifies all listening nj^plications, I'hese notifications 
are course-grained, Ixith in scope and lime. RSEvents tells you 
lhai the contents of a directory have changed, hut it does not 
tell you which files were actually modified. Additionally, 
ESEvents combines multiple recent changes within a single 
directory into tme noiification. Tlte.se limitations help keep 
FSEvenLs lightweiglil and efficient. 

Witile notifiGitioas are nice, 1^'SEvents goes one step hirther. It 
does not just hrtjack'asi these ev^ents; it also saves thcTn into an 
cwni datalxisc'. TIus rillows FSEvenLs notificatwjns to i^ersist. even 
acrcjss reixx>ts. 

Practiailly speaking, this means your :ipplic:ation does not 
need to aaively listen fttr events. You can catch events even when 
the at)i>lication is not running. Wlm\ you w:int to check for events, 
.simply launch the application, and have it queiy the event database* 
for any changes (wer the desirtxl time pentxl. 

Not siiqirisingly, FSEvenLs fomi ilie liackbone of lime 
Machine. I'ortunately, Apple lias tj[xmed this API, letting iJiird-pany 
dev^elopens use FSHvents in their own pnojcxis. 

The Problem with Physically 
Attached Drives 

So far everytlimg sounds gtxxl. Reniemlxfr, this is supposed to 
Ixr a sinijile systeiti—st) simple rltat everyone will use it. But there's 
a pro]>leni in paradi.st*. Atlat hing an external drive Ls fine for a 
dc'sktop computer, hut I do most of my work f)n a laptop. 
Q)n,s"tiintly jslygging and unplugging my external drive seems like 
a [XI in. 

1 luite to admit it, hut if 1 liave lo plug and unplug, I would 
])rolxil>ly forget to Ixick up my machine, lX)n’t get me wrtmg. like 
most peoj'jle, 1 know ( .sliouid do regular backups, and 1 would 
proixthly lx* really gtxxJ alxjul it—for a week, imylx two. Hut, 
eventually things wotild start to slip, and all too soon, months will 
go by Ixtween backups. 

If Time Machine hopt*s lo lx.'4:onK‘ a real Ixickup solution for 
the masses, tlien it lias to lx invisible. ITadically speaking, it must 
to work with a server or network drive—prefenibly wirelessly. 


The Mysteriously Vanishing 
Air Disk 

OrigiiKilly, Apple promised backups to a hard di.sk attached 
to an AirPott Extreme Eiase Station. Llnlbminaldy, Apple pulled 
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^ Waveform 


MPEG Layer 3. Stereo* 44.1kHj:* 320kbps 


Format 


Constant S4t Rate 


320 kbps 


Cusiom (MPEG Layer 3) 
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File Format 


Addio Format 
Encoding Type^ 
Sampte Rut. 

Eil Rate 
Ouality Ifivtl: 
Channels: 


Stereo. 44.1kHz, 320kbps 
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WireTap Studio's revolutionary non-destructive audio editing technology lets 
you edit your recorded audio without any loss of quality or content. 

Finally, an audio editor that's powerful, intuitive, and easy to use. 
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llie Air Disk I>^Jckllps I’Jefore Ixa)p;trtl's nL-lciisc. Air Disk 
support may show up in a fiiture iijxiate (ptxssihly hetbre you 
rcrad this). But, as riii writing, die Air Disk is simply not an option. 

Still, all is not lost. 'I'inie Ma< hine can back up to unotlier 
Mac running 1 jeopard (as well as Leopard Server or Xsan storage 
devices). The host Mac must enable Personal Pile Sharing using 
Apple Filing l^rotocol (APP). 

in my case, I have a Mae Mini with a 5(X) CB external drive. 
I use that drive to hack up my laptop, my wife's laptop and the 
Mini itself Tlie laptops automaiicilly back up %vhenever they're 
attached to my wirele.ss network. It all works, almost like magic, 

Security and Your Network 

Let's lake a second to really think uliout what we're doing. 
We w'ant to copy everything on our computer to a network 
acces,sible drive. By ciehniiion, network drives arc designed to 
allow easy aix:es,s. Sure, we can try to protect the information 
with passwords and access control, bur a networked drive will 
never be as .secure as a tightly firewalled com[)yter. Additionally, 
we now store all our vital infoniiation in two tlillerent kx'aiions; 
that was dte whole |x>int of the backup after all. Dnfonunately, 
diis also means that hackers am access the information if eiilier 
location is compmmtstxi. 

Security experts often talk alx)ut the struggle bel\vet‘n 
security and convenience—well, networking Time Machine is 


incredibly convenient especially when we use a wireless 
network. We’ll take steps to harden our network in a moment, 
but lets face facts. If someone is determined enough (or possibly 
ju.st bored enough), they can probably break in, 

St) slop for a second. Take a deep breath, and really think 
alK)ut this. What do you have on your computer? What wtmld 
happen if someone swiped that infonnalion? On the other hancL 
what would happen if your computer crashed and you lost 
everything? Talk alxxit nxks and hard places. 

For my.self, as long as 1 t:an make hacking my network 
inconvenient enough to keep out most .script kidciies, 1 feel 
reasonably .safe. After all, I often leave my laptop aiiached lu my 
home LAN, even w'hen Fm not using it. If someone really 
wanted the data, they c'ould always go for the originals. 

One last word of warning, Fm not a seatrity expert, Tltese 
are the steps I use on my owm machines, f>ui don't just take my 
svortl for it. If you're worritxl, go out and road up on the subject. 
Of course, you may not sicvp nights afterwards, but at least 
you’ll be forewarned. 

Hardening your Wired Network 

In many ways, it's much easier to protect a traditional 
Kthernet LAN. Machines must be physically airacdied to the 
network to even see it. Obviously, if the network 1ms no 
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WireTap Studio's patent-pending LivePreview^'^ technoiogy iets you 
hear your encoded audio before you record. Lossiess master recording 
technology lets you play with compression settings, effects, and aiso 
edit your audio without any ioss of quaiity or content. 

It's a true breakthrough in audio recording technoiogy. 
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connect ions to llic uuLside world, then no one c;in see your 
datu. 

Unfommately, most home LANs are connected to the 
internet, which then opens them to the entire world. .Still, all 
coniniunicatiDn between your home LAN and the iniernei 
must pass through a single door—your router. So, just like 
protecting your real property, shut that door and lock it. 
Kec[> a careful eye on who comes in, anti what goes oul 
Start by looking at your router's security options. It's 
hard to talk in specifics, since each router is different, but 
Imically, if you don’t need it, close it. You might look for 
things like port foiivarding or UPnP. Try to make sure yiju 
understand wiiaPs turned on and why^ 

Tf je same principle applies for each individual computer 
on your network, look at your Sharing preferences. If ytm 
don't need them, turn them off. 1 would also recommend 
turning on your computers firewall, and heeding the 
information in Apple's KB article about the leopard firewall 
at http://docsJnfo.apple, com/article. html?artnum=306938, 
Of course, even the best firewalls cannot completely 
protect you. So far, Mac users are lucky. We donT face the 
same plague of spyw^are, trojans, viruses and other rnaliciou.s 
applications. Btii iliat is no reason for lenience. It's just a 
matter of time. 

Malicious software can put yfnir data al risk, m let's be 
careful out there. Know wliat you're downloading, and who 
you're downltjading it from. Also, think about the other users 
on your computer, or the other machines on your network. 


If any of them become infected, iliey might leak information 
that puts you at greater risk. 

Hardening your Wireless Network 

Adding wireles^s networking auiomatioally makes things 
harder. Radio waves go tlm>ugil walls, and once w^e start 
Imiadcasting, ifs haal ti> limit how far the information iravels. 
We can’t simply harriaule the from door anymore. 

Right now, a team of over-caffe inateci, sweaty-palmeci L331' 
lIAXf^RZ might be cruising through your neighborhood in a 
l>eat-up 72 Pinto with a dut i -Piped Pringies-can antenna and a 
laptop full of cracking software. Stranger things do hapjtjen. 

More seriously, m;my jxnii^le use flawed senirity pmcikes 
on their wireless networks. Some exclusively rely tJU MAC 
filtering (that's Media Aeces.s Control, not Mac the computer) to 
jirevent outsiders from logging into their network. Unfortunately, 
if your network traffic is not encrypted, there’s nothing to stop 
outsiders from monitoring the unencrypted infomiatioo that 
you’re brtJadc'asling, Worse yet, you can fmtl .software that lets 
you scrape out and mimic a valid MAC address from the nelwtjrk 
chatter. On it s own, MAC filtering provides no real .security. 

Tlie WF-P t.mcrypiion pnaocxjl ulstj falls depmssingly short. 
WMe WEP may keep your neighlx>r from stealing your wareless 
to download porn, several weaknesses have Ixeit found. 
Mcjciern software cm otien break WKP encryption in just a few 
minutes. Despiile lliis, WPP remaiii.s the detail It on many wireless 
routers. 
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Revolutionize 

your Lifecycle Management 
Strategy with LANrev! 

True Cross-Platform Lifecycle Management has arrived! 

Do you need to manage PCs with a Mac? Macs with a PC? 
LANrev is the first client management solution 
with true cross platform functionality 
for today’s heterogeneous client environments. 


Disk Imaging 
Asset Inventory 
Software Distribution 
License Management 
Patch Management 
Remote Management 
Role-Based Administration 
Change and Configuration Management 
LANrev TheftTrack Client Recovery 


LANrev is a scalable multi-platform solution, which can operate with equal efficiency on a single server 
deployment in the small to medium enterprise, or in a distributed architecture, managing thousands 
of desktops in a large enterprise. 

LANrev's modern, modular platform allows seamless integration into other desktop management tools such as 
Microsoft’s SMS, enabling your organization to leverage previous investments while ma^mizing current and 
future efficiencies through the use of innovative new technology such as LANrev. Ihe best part? You can take 
advantage of your current hardware infrastructure. Unlike the other guys, LANrev does not have massive, 
dedicated server requirements and you won’t need a team of overpaid consultants to deploy and use LANrev. 

See for yourself how you can increase your IT efficiency and performance while lowering your cost by using 
LANrev in your computing environment. Schedule a 6ree web demo and trial license by calling 
(214) 459-0136 or visiting www.lanrev.com. 
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WPA encryption addresses the weaknesses in WFl' hiii it 
has prc>b]en^s of its own. The "PtTsonal'' imxle used on most 
small networks rL*<|uires a password. Obviously^ your network is 
only as secure as your p;issword. All the advice on picking 
secure passwoixLs applies here—with one additional twist. Ft)r 
WPA encryption^ longer is l:>etter A typical 6 to 8 character 
password just won't cut it. 

Bottom line, here's my advice: turn on l>oLh MAC fillering 
and WI^A encryption. Give it a gcxKl, long password (you only 
need to ty|>e it once jier computer, so go nuts). And you might 
want to change your password periodically. Of exmrse, 
everything 1 said alxmt wired networks still applies. Shut otT any 
services that you dotft need, and enable the lirewall on all your 
imchines. 

Setting Up the Host 

Tliere are three basic steps fur setting up tile host machine; 
.setup the hardware, create the shared account and then share 
the drive. 

Set Up the Hardware 

Technically, y<ni don't need to add an additional hard clrive 
to the host machine. You c<aiid just use the host's hard drive^ as 
long as ifs big enough. However, 1 doubt this is a practical 


soiution. In most aises, you will want to attach an external hard 
drive. 

How large should ihe hard drive [yef Tliat's a very good 
cjuesiion, Wc don't have a lot of real-world experiena" using 
Time Machine yet, so Tm afraid I don't have a rock-scjlid aaswen 
Still, the basic rule of thumb seems simple; buy the biggest drive 
you tan afford. After all, I've never l;>een upset about having Ltx) 
much free space; I alwrays find some way to fill it. 

At a minimum, the drive needs to [>e bigger than all the 
drivers you intend to back up added together. Of course, Time 
Macliine is designed to browse thmugh your hart! drive's history, 
Ifsing a bare minimum hard drive^ ihal liistory will remin 
amazingly shtitl. Tfiis migiit let ytru recover your files when your 
liard drive crashes, but you won't lie able to find that email from 
ytjur boss. You know, die one you accidentally delclcxl last week. 

Instead, 1 rtx:onimcnd getting a drive at least twice as big as 
the total size of all drives youVe liackiiig up, 'I'hat should give 
Time Machine enough rcx>m to back up a reustmabic liistory for 
each computer 

If you're sdll having disk issues, you might want to look for 
llte file.s that are c'ausing the problem. Remenilier, lime macliinc 
backs up entire files. IJ’ a single hit in a 10 GB file changes, time 
machine will back up ilie entire^ 10 GB. 

llsually, this isn’t a problem. Frequently changing data 
tends to live in small file.s, Anc! large files, like videos, don't 
typically change. Still, there are a lew applications that could 
cause pain. ViritiLilizaiion software, like Farallels, often saves 
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Ovatab Phi ink is the ultimate message 
center for your Mac It answers phone calls 
and identifies callers using Caller ID and 
Apple's Address Book. It greets your friends 
with personalized messages. It records and 
stores messages on your computer and 
even forwards voicemail to email. 
Featuring multiple voice mailboxes, 
high-quality audio. Spotlight searching and 
fax capabilities, Ovolab Phlink makes your 
telephone part of the digital hub! 
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And you can fully customize Ovolab Phlink 
to do exactly what you need, using 
AppleScript: even set It up to call you bade 
on your cell phone when important clier>ts 
leave a message. 


Check it out on Jan T S at www.ovolab.com. 
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Point of Sale for Mac 

MYOB Checkout 



Mind Your Own Business. Smarter. 


800 322 MYOB (6962) 
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your virtual hard drive as a single ftle. This file ean easily Ixr 
10s of gigahyics in size. If you use Parallels a lot. the virtual 
drives will change frequently 'i'his could easily hog dow^n even 
the largest backup drives. 

If you find problematic files like these, simply exclude them 
from Time Machines hiickup. Of course, you probably need 
another way to back up that information, but leave ihul up to you. 

Create the Shared Account 

First things first, create a new user on the fiosL machine. 
This will .serve two pur|xjses. First, it adds a layer of protection 
Ixtr your backups. If someone accidentally downloads a 
malicious program to the host machine, hopefully it will only 
affeci their ae<t)unl, and your l)ackups will reiiiuin untouched. 

Also, ofKtiing a shared drive dt^es present a potential 
security weaknes.s. If someone muinages to break in using tiie 
drive, you want the hacker stuck in a restricted account with 
limited access to tlie rest of the machine. 

To set up the account, open die System Preferences. From 
the System row, select Accounts. 

Yoii will probal>ly need ti> unkxk die Accemnts f>references. 
Click on the kKk icon in the bottom leh comer, and type in an 
admini.strator user name and password. 

Click the button under the accounts list. Filter the user 
name and a secure password for this account. Again, yon will 
only manually enter this password a few times, so go ahead and 
make it extra pass wordy 


Make sure to set the new account type to "Sharing Only”* 
'ibis will create an account specifically designed for lemote 
access, Sliaring Only accounts do have a home directory; 
liowever, you cannot log into them locally As rhe name 
suggests, they are perfect for our purj'Kises. 

Clic'k the Create Acct>unt button, and youVe done. 


New Account: f SHaring Ofity _M 


Name: 

1 Shared Drives 

1 

Short Name: 

' shared 

1 

Pas.sword; 


■'[?] 

Verify: 

1 



Password Hint: 
(Recofrimendedl 
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t^Tarn on FileVault protection 

Cancel ^ ( Create Account 
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Share the Drive 

In llic System select Shurin^^ from ihe Iniemei 

ik Network row. 

Knabic File Sharing. By default, your Mac will use AFP. 
You can enable FTI^ or SMB sharing by clicking the 
Options... button, but Time Machine only requires AFP. 

Add the external drive to the list of shared folders. Click 
the buUon under the Shared Folders list, and select the 
drive. Note: other computers will not have access u> this 
drive when the host computer is sleeping. You probably 
want to go into the Energy Saver settings and make sure the 
computer never sleeps. 
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Back in the Sharing preferences, make sure the external 
hard drive is selected in the Shared Folders list. The Users list 
nt>w shows the access controls for this drive. Unfortunately, 
wc can only make limited changes here. Instead, let's open 
the drive s Info window. 

I'ind the hard drive icon on your desktop, Conirol-click 
on the disk icon and .select Get Information. In the Info 
window, expand the Sharing and PcT[TiLs,sion.s section. Here, 
you can modify the access permissions to this drive for any 
number of users or groups. To unlock the control, simply 
click the lock icon in the bottom right corner, then enter an 
administrator name and password. 


M/cam 


Visit mactech.com for the latest 
Macintosh technical 
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O O O My Book Info 
p' I My Book 

L_J Modified: Nov 7, 2007 12:03 AM 


▼ Spotlight Comments: 


► General: 

► More Info: 

► Name & Extension: 
" Preview; 



Sharing & Permissions: 
You can read and write 


Name 

Privilege 

^ shared 

* Read & Write 

admin 

t Read S Write 

^ rikiwarren (Me) 

5 Read & Write 

everyone 

$ No Access 


+ - CEI e# ^ 


For Time Machine to work, the shaaxi user must have !x)th 
rc-ad and write pcTmis.sit>n. 1 also gave the atlmi nisi rat ion gn>up 
similar jX^niiLssions; this Icis me acce,ss the drive IcKally when 
necessary. Unfortunately, my current acetamt shows up on thi.s 
iLst, and 1 cannot delete it. Since it is already an administrator 
account, 1 just mirrored iIhxsc pennissions. Finally, everyone else 
shtxild default to No Access, If you're not the shared account or 
an administrator, you don't get to touch this drive. 

Once the pennissions art: set, go txick U) the Sharing 
window. Check the access resiriclions listed tliere. Tliey should 
matcli the settings from the Info window. If they don't^ make any 
ntxes.sjtry changes. You can alsi) remove ihe .shared folders, if 
yt>u're not going to use them. 


38 January • 2008 


WWW.MACTECH.COM 
































IRBPbAGEMENT PARTS^# UPGRADES • REPAMtFOR,YOUR .MA0 


• FREE ONLINE DO-IT-YOURSELF GUIDES 

• SEND-IN Repair Service 


• BATTERY REPLACEMENTS FROM $94,95 


VISIT US ON THE WEB» 
OR CALL 066.726.3342 


tw. PowsrtiookMsdIc.coin 
3 Sparkman Dr. Ste. 1620 
inlsvMle.AL 35616 
I/Fax; 866.726.3342 


• POWER ADAPTERS FROM $ 24.95 




Your Moc Our Patient 










Finally, Leopard only moynts external drivers when a user is 
logined into die host mac hine. If no one is logged in, you cannot 
access the shared drive remotely. To fix tliLs, open ifie command 
line and type the command listed Ix^ow (all on one line). 

sudo defaults write 

/ Lib ra r y / Fre f e ren c e s / S y S t emConf i gu ra tri on / a u t od i Stkaou a I 
AutumaufjtDisiisWitboutUBetltOgin -booJl true 

After running the command, restart the host machine. Once 
it lehxas, VIS long as the machine is Uimed on, ihe drive will 
remain active. 

Setting Up the Clients 

First the good news, clients are much easier. Titere's only 
one attcli, you must log into the drive iDefore setting it up, In 
Leopml, tills Is easy, Tlie htxst machine should sliow up in the 
Finder's SHARED sidebar. Simply click on die icon, then log in 
iLsing the sli;tred user and password we aeated earlier. 
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You should see die external hard drive in the finder. Now, 
open 'Lime Machine's preferences (fn>ni die System row of the 
System Preferences). Click the Choose Backup Disk..* button. 
Select die remote disk, and dick Use for Backup. Time Matliine 
will ask you for the user name and pas^sword again, Tliese lets 
Time Machine aulotnatically log into the external drive when it 
[X^rforms its Ixickups. 


Sc‘lecung the drive should automatically Lum on Time 
Machine. Your first backup w ill am in aixiut two minutes. 


Tima 



Time Machine Tim* Machinn ket|» 

i Huurty B4cl(uCM fat itm ?4 Fk^r& 

• Oailv twlutJi li« o«i m&nah 

mSB it ] ON ‘ baclcuiis unin yaut b«ckuD duk ii- 
§1^ Cln:* the lock to pwem fwtiw ctwifki. @ 

Remote Backups 

As I destrilxd earlier, lime Machine .^ves kxal hLU’kups to the 
Backups.lxickupdh folder, Retnoie Ixtekups are a bit diffcTenl. 
Time Machine ,sto!es these in sparselxindles. Sjxusebundles are a 
ntw type of disk image, like other disk im;iges, they can lie 
mtjuntcd and browsed, pn>vided you liave the necessary 
pemiissions. You can even create new sparsebundles u,sing tlie 
Disk LItility appliaakm. 



‘-I __ *__. _ 

- ----—IT,. .J* 

ilTffCli MMH ti 



My Bonk (Mighty Mini) 


@ 


( Cancgt } ( Use for Backup } 


Unfortunately stjlid details about sparsebundles are hard 
to come (>y. According to Apple, sparsebundles are more 
reliable, efficient and scalable than the older sparse images, 
and they recotnmend using sparsebundles for any perslslenl 
sparse images, as long as the backing bundle is acceptable, 
As the name suggests, sparsebundles are bundles - in other 
words, a folder iliat the Finder treats as a single entity. Since 
it is a folder, you can dig into the contents. Do so and you 11 
see a 'bands' directory with slices of that disk image in 
chunks that may be up to 12HMB each. ITie man page for 
hdiutii has a little more information- 

while ,sparsebundles can lx mounted remotely you 
cannot mount them when directly connected to the drive, 
even when using an administrator account. If you try, you will 
get a scxket enor. Under won't even let you open the 
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bundle’s contents loc^illy- Irooically, this makes remote 
backups slightly more secure llian local backups. 

WfafiRiflfl 

The following disk images failed lo 

tmige Reason I 1 

3tA^.i|Mr£ebdii{l]e itlon ml ^uppoirtf d on sodtial 


( OK ) 

A 

Time Machine's use of sparse bundles creates at least one 
small problem. My home wireless network i.s nor the most 
reliable thing. 1 tried to backup my entire 70+ GB hard drive 
over wireless, just letting it run overnight. Tliat never worked. 
Ii ty[)ic:ally crashed around 12 GB. On the few occasions 
when shoving massive amounts of data over the air didn't kill 
the network outright, the transfer took forever. Only a fractfon 
of the work was done by morning, and i don’t have that kind 
of patience. 

Ideally, 1 want to plug the backup drive directly into my 
laptop, do a complete local backup, then convert it to a 
remote i>ackup. I made a few attempts at copying die 
contents of my ItKal backup into a moimted sparsebundle, 


bur I kept running into permission errors {>r corrupted bundle 
errors. I’m not saying it’s impossible, but I couldn’t get It to 
work. 

Instead, I wired ail the computers together into an 
Kthernel network and ran the initial backups over the wires. 
Time machine tagged my sparsebundle image with my 
Ethernet card's MAC address. Still when 1 switched to a 
wireless connection, Time Machine recognized and used the 
proper sparsebundle. IVe tested diis on both my MacBook 
Pro and an older G4 PowerBook, and it worked fine on both 
machines. 

Still Home people are reporting problems when 
switching between wired and wireless networks. The issue 
seems to be incorrectly named sparsebundics. If you’re 
having trouble, try creating an alias or even renaming the 
sparsebundle. Look for the 12-charactef hexadecimal string 
after the underscore. Replace that with the MAC address fbr 
your wireless card. 

Incremental backups tend to be rather small—u.sually 
less than 1 GB, so the Wireless netweyrk lypically handles 
them with little irouble. But, it’s not iDQ%, at least not on my 
network. I may not get every hourly backup, but this doesn’t 
l)other me too much. My computer gets several backups a 
day, and that seems sufficient. Anyway, once the backups 
are (jlder than 24 hours, Time Machine will only keep one 
per day. 
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Time M;ichine itself nms a little more slLi^islily o%^er the 
wireless network, ll can lake u minute or more to mount the 
.sparsebuadle. But, once it^s running, ii usually to work 
reasonably well, netw'ork crashes notwithstanding. 

Is This Solution Right for You? 

So hir, 1 am cfuite pleased w'itli my wireless Time Machine 
setup, hut it may not he the right solution for everyone. The 
two main deal breakers are security and performance. 

Any time you t>pen a service on your computer, you are 
opening yourself to possihle attacks. No one can prove their 
software is bug free—so there’s always a chance someone 
will discover a new exploit and use it against your cumputer. 

Performance wnsc, your experience will very greatly 
depending on tlie quality of your wireless netwxirk. I think it 
wt)rks well enough as a general backup solution, even on tijy 
slow, temperamental netw'ork, However, if you frequently dig 
through older ccjpies of files, then you may w^ant something 
a hit snappier 

Even if you w'ani to use Time Machine, consider this: Is 
Time Machine your complcle backup solution, or is it jiu^l 
one piece in a larger system. 

Time Machine backups work great if you accidentally 
delete a file, or if your computer's hard drive btirns nut. But 
what happens w'hen iheres a fire or hurricane or IhKxl? Say 
sotneonc hreaks into ytmr home and .steals all your compuier 
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equipment? Typically, your backup hard drive will be in the 
same genera! location as your backed-up computer A 
disaster that strikes one will likely take out the other as well. 

I highly recommend using some suit of off-site backup 
in addilion to Time Machine. You have any iiumtKT of 
t>ptions here; depending on how^ much you're willing to pay 
and how much work you want to do. 

If you’re a .Mac memlier, then Backup is probably your 
simplest option. Or, for a more hands-on approach, you 
could burn all your important files to DVD and store the 
backup disks ai W'ork, or at someone else's house, ! alst> like 
using the extra space on my iPod. After all, if there's any one 
item that I'm likely to have on my person as I run out of a 
burning building, it's my iPod. 

Also look at third party solutions. Many people 
recommend Su peri )u per!, espc'cially tor IxxHable backups. 
There are also a numIxT of (jnline slt>rage services, like 
Ama?:on's S5- Online storage is nice, since the servers are 
probably in an entirely different state. 

The bottom line is simple. Time Machine's quick setup 
and fire-and-forgei usage makes it the ideal first line of 
defenst!, hut it should not be your only hacktjp scjlution. Thai's 
just asking for trouble. 

Other Cool Server Tricks 

Por this networked 'lime Machine solution to work, you 
need a ho,si computer connected to your network 24/7- So, 
I hat raises the question, whin other .services can this 
machine provide? After all, most of the lime it's just silting 
there. Here are a few suggestitms, l>ut these only scratch the 
surface. 

By definition, you already have a shared drive connected 
U) your netwexk. If yf>u have extra .S[>ace. you can use that 
drive as a file server. You don't even need rf> do anything, the 
setup de.scribed above will lei you upload and download files 
from the netweirked drive. 

'fhe host computer is also the ideal choice for a print 
server Simply atlacli a printer to the host computer and enable 
Printer Sharing. 

You might want U) host your primary i'fune.s library on the 
host computer If you share the entire library, bandwidtli 
willing, you can access all of your media from any computer 
on y<>ur local netw'ork. 

Additionally, y<ju could .set up your t>w"n w'cb server by 
enabling Web Sharing. Leopard also includes Mongrel and 
Ruby on R;tils, if you want morc-cotiijilex web applications. 1 
want to make a small gnxxry list application. Everyone in niy 
family could add items to the list, and 1 could print out a copy 
jiist before heading to the store. Of course, in the age of blogs 
and social networks, rolling your own web site is not as 
exciting as it used to be, but it's still a gtMxl learning 
ex|x:rience. 

To make your web site even more useful, you could use a 
dynamic DNS server. Witli a few changes to your router's 
llrewalf anyone on the internet coukl access your web pages. 

WWW.MACncH.cow 









I wuulcin'l rccommenil this for u liigli-volume sire, or for a 
husiness critical pa^es. Hut il might be fun for soiiKltiing small. 

Finally, Hack to My Mac open.s a whole world of 
interesting possiinlities. If you Ye a .Mac memlx^r, Back to My 
Mac lets you acce.s.s your host computer from anywhere in the 
world. You can even rejiuaely ccmirol the host using screen 
sharing* Tm sure we will find any numJ)er of interesting tricks 
for ihi.s tec!iiK>logy. 

Here’s a quickie. Say youYe hanging out at an internei 
cafc\ There’s a large file that youYI like to download, but 
you don't want to wait for it. Fire up Back to My Mac and 
use the screen sharing. Launch Safari on the host compuier, 
and start the download there. Now you can shut ikmn your 
laptop and forget about it. 7*he download will be waiting 
when you get home. 

Y<hi even have limited access to Time Machine while on 
the road. You can launch the Time Machine appliotion— 
though, in niy case it ran painfully slow. 1 had more success 
rnoHniing the backup image and browsing it with the finder. 
Also, my laptop would not automatically schedtjle its next 
backup. I was al>le to force a remote backup by manually 
selling time machine to the l)at:k-ro-my-nruJc mounted disk. 
However, after nearly 45 minutes of “preparing’’, my 
connection to tlie host computer crashed. Bottom line, 1 
wouldn't recommend backing up frtjm a coffee shui:)'s sharctl 
w'ireless ruawork. On the tjther liand, if you can plug into an 
office LAN while on a business trip, il miglil be worth a try. 

Conclusion 

Time Machine Ls an exctrlleni IXK'kup solution, pnjvided y<Hi 
understand and respecl its limitations. Time Machines nmi 
strengdis cxjuie fTX)m its ability to do IfequaU, incienx^ntal backuj:js. 
Untbrriirnteiy, tliis only works if your computer Ls regularly 
coiinecicd to die Irackiip drive. For a desktop c^omputer, no 
piuhlem; however, I don't like liaving my laixofi con.siantly tethemd 
to an exteiTuii disk* Lapittp asers need a remote solution* 

In this article we ex()lorcd remote backups to anotlicr 
Leopard machine. Unfortunately, this solution can be 
somewhat expensive * Hopefully, Apple will enal)le Air Disk 
support soon, Still, using a fulLbk>wn computer opens a range 
of additional pns,sihilities. 

I higlily recommend using 1'ime Macliine to bat k up to a 
ht)si computer. You need lo tmderstand die secunty risks 
involved, and it does not replace a gtxxl tiff-site solutit)n. .Still, 
the next lime your hard drive bums out, you will thank me* 

7i)i 
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More Tools for the Toolbox 

Following last month's article, let's took at some of the 
mt)re interesting comniiind line tools that have appeared The 
first ttK)l, pkgutil allows manipulation of the package database* 
last montli 1 alsrj talked ahmr the addition tddtruce* New to 
U'opard, major parts of ihe Dirace ItJolKit by Brendan Gregg 
have been added. Some of them am prove rjuile useful in 
diagnexsing and troubleshtxHing particularly iliorny problems. 

PKGUTIL 

A new command line utility bax Ik'cii udded to Leopard, 
pkgutil. What does it do? From the man page, "pkgiuii reads 
and manipulates the Installer’.s receipt dataliase and flat 
packages." A database? 'I'bat's new to Ix^opard* Lett's look at 
where it is loc^ated. Change to /Library/lteceipts/db. lliis 
rlatabase cemtaias a necofd of all packages installed. LeFs kx>k 
at sf>me of the basic options. 

Forget. 1Tiis option tilscards aU the receipt data as,sociaied 
with an installed package. However, it only IbigeLs tlie 
information, it does not touch the installed files. If you want to 
reinstall a package, this option is very useful, as the files will fx? 
overwritten and reinstalled. It won’t be an upgrade; it will be 
a full re in stall. 

Unlink. 'I'his option removes any files asscxlated with a 
package. Be careful when using tJiis option though, a*s it diycs 
no depentlenc 7 checking and will not remove any dircclories 
that are contained within the package. However, if a package 
is only files, this command is c|yite usehil. 

Pkgs, All packages known on the system are listed, Here’s 
why this option is irnportani. Look at ihc Receipts directory, 
and then mn the command pkguLil -pkgs. Take close look. 
Note that if the 10.5.1 update has l:>een installed, there is no pkg 
receipL It is only contained within die pkgutil dalalrase. 

Repair. This option will run repair packages to repair the 
specified package identifier. Note however, that this option 


only refiairs packages if they are known to the rep;ur_packages 
utility found in /u.Hr/lilx*xec. Let’s kx>k at this a little mure in 
depth. 

rcpair_packages will repair packages with that arc 
recorded in the standard package list. Here’s how to check the 
list, open /iinsr/libexec, and run 

tepair_packagea list .‘itandard-pkgs 

Here's what is remrntxl on my system: 

SyBtera packages on * f* i 

com.applc*pkg.EaseSystem 

coiB.apple. pkg. Essentials 

com.apple.pkg.BnotCanp 

cura.appIe.pkg.BSD 

com.apple.pkg.IPodSupport 

rnm.apple.pkg.Podcas tCap L u r g 

coat, apple, pkg. Directory 

com.apple * pkg.JavaToolsLeo 

com.apple.pkg.AddItlanalEsaeotials 

com.apple.pkg.AddltionalSpecchVoices 

com.apple.pkg.AeianLangnagesSuppor £ 

com.apple.pkg.HediaFlles 

com. apple, pkg. Nigra tiorkAsaistant 

com.apple.pkg.Hall 

com.apple.pkg.Add ressBook 

c otn. apple, pkg. iCai 

com. apple* pkg. Aij tomato r 

com.apple.pkf.DVCFlayer 

com,apple.pkg.ITuncR 

cum.apple.pkg,iChat 

com.apple.pkg.Java 

com. apple.pkg.Safari 

con. apple.pkg.OxfordDicrionaries 
com.app1e.pkg.XllUser 

com.apple.pkg.ACL 

com. apple, pkg. VersiotiedDeveloperToolaSyTJtetnSupportLeo 

com.apple.pkg.DialributcdBuildeSupportLeo 

com.apple.pkg.DeveloperToolESyatemSupportLeo 

c om.apple.p kg.gc c 4.OLe u 

c om.a pp1e.pk g.Develope cToolsCLILe o 

com.apple.pkg.DevSOKLeo 

com. apple. pkg. X11 SDFCLeo 

com .apple. pkg. QuickTime SDKT.Leo 
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coBi .apple. pkg. OpenGLSDKLeo 
c€iQ. applg. pkg. WebKi iSDKleo 
cnm,apple ^ pk^.lireWireSDKt^o 
com.apple.pki^. filUGtoQthSDKLeo 
con * appl E. pkg. Core Audios Din>EQ 
com,apple.pkg.JsvaSDKLeo 
can.apple. pkg.KllDocuJKeutar tunl«eu 
com,apple.pkg.ServerSetup 
com.apple.pkg.ServerAdmlnToo1a 
com.apple.pkg,update.oa.10-5.1 

Nf>te Ill! the packages, lJie.se are the only packages that are 
checked when verifying perniissions. Packages can Ix’ added, 
l>u! at this time, this command appe-ttrs to only accept tho.x^ that 
are known by the receifjts daialiase. Cine last thing, tlie 
repair_paekages command allows individual verification of 
packages, [fere's liow: 

/uer/libexEc/rcpairepackages -verify -pkg 
com.apple,pkg.ServerSetup 

Imagine using Apple Reninte Desktop to verify or repair 
jxTinissions on any niimixr of packages! 'I'har alxjot siinis up 
the power of pkgntil and repairjxniussions. fVe not gone 
into all of the options, but there are a numlxr of additional 
ofXions to pkgutil whichpkguiil, which could be used. Read 
the man page and have fun! 

DTRACE AND FRIENDS 

Dtrace is quite powerful, hut who lias lime to learn a new 
prognimilling language? 1 don't,, that's for sure! Berea’s where 


some of the nc^ly includc'd programs can be explored and 
used when irou[ile.shooting problems. 

Snoop commands 

Ft>ur “snooping" commands have l>een added, exec^snrK>|>, 
iosnoop, rwsnoop and open.sn(K>p, I'll !(K)k al rwsnfKip first, 
This command will ob-serve reads and write.s at the a[>plication 
level. W is really very verixtse, and lists each and every 
read/writc ojxnition. It is also hooked in at the kernel level, 
so it is quite accurate. It's very simple to usc^ to monitor a 
sjxcific application, first, gei the pr(He.ss id (Hl», and then 
ase the -p caption. As an example, to inoniror all Mail.app 
activity: 

rwsnoop -p PIT) 

This command monitors any read/write activity for tlte 
Mail.app application. Of course, one dtxs not need lo specify 
a particular application, bui it is far more useful Lo only 
monitor one- 

input output momtoring 

Tlirce commands are mcludcd to track disk input/out[)ut, 
ioto[i, iopeticling, and iopattern. The one t like here is iotop. 
When troubleshooting a slow system, iotop presenLs a listing 
much like the unixUNlXnix top cximmand. On a skiggi.sh 
system, one could track the drive activity to determine what 
was slowing a system down. 
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Included scripts written in d 

Lastly^ ntany ntfw t:c>iTioiands have I'^een inc:ludt’d in Leopard, 
all written in d, llic dtrace programming language. TItey are ail 
located in /usr/l-Jin. A couple of comniands fKjrticalarly 
interesting. ITie first is creatl^yprcx'.d. Run it in the follt>wing way: 

dtrace -s creatbyproc^tl 

Note tlie Dutpiit, It tracks files as they are created by 
process id. last's look at another useful d script, filebyfmK'.d. 
'iTiis command wilt track files by prtx:ess. How about yet 
another? Pathopens.d trac*ks files by the path, and the counL 
Here's what the output might look like: 

COUHT PATHNAME 

1 Lecipa td / . 

2 /dev/dtracehelper 

2 /dev/urandom 

2 /usr / eha re / loc a 1 r /en _tlS. UTF - 6/ LC_C0LLATB1 

2 /tisr/jihare/locale/en_US.UTF e/LC_CTYPE 

2 /iisr/share/loeale/en_US.UTF’8/LC_MESSAGES/LG„MKSSAGES 

1 /usr/share/locale/en_lJS.UTP S/LC^ONETARY 

2 /usr/share/localo/eo„US*UTF-S/LC_KUMERiC 

2 /uBr/ahare/locale/en,US,UTF B/LC_T|KE 

24 /dev/ 

(^■n /usr/l>in ;ind trxploa'- s^^ne of tltc^ tHlier d scrijxs. While 
not all t)f iIk* dsoipts are theie, mt^il aie. 


One List thing, Brt‘ndin Giegg his piovided a wliole range of 
one-liners, most of wliich work on leopsmi. Here’s tlieir location: 
http: //WWW. brendan 9 reg 9 Xom/DTrace/dtrac©_onel inersJxt. 
Tiout>les]iootiiig jmjblenis witli iliese tools is now so niiKb easier Fve 
alretidy solved some f)a)l>lenis I previoiLsly cxxikln't seetn to solve. 

Well, Lliiifs alxjLit it for this month. Play with these new 
et>imnand line tools, as they really increase the arsenal available 
to any Macintosh sysieiii administrator. Until next month. HI 
see you on the lists! f m m 
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The Road to Code 


by Dave Dribin 


You Have Your 
Mother’s Eyes 

Inheritance and 
Polymorphism 

^ _ J 


From Rectangles to (Circles 

Um month in Road /o Code, we siaricd writing 
Objettivo-C ctKle, iintl wc ended up wailing a class that 
represents a get>rrietric rectangle* 111 list it here tor tlicxse who 
skipped out last month: 

Listing 1: Last month’s Rectangle.h 

Foutidat lon/Foundat 1 on .h> 

(fititerface Kectaiigle : NSObject 
I 

float _leftX; 
float bottonY: 
float _width: 
float .height: 

1 

- (id) inilWithLeftX: (float) leftK 
bottomY; (float) bottoaiY 
rightX: (Jloat) rightX 
topY: (float) topY; 

(void) setRlghtXi (float) rightX; 

(florti) area; 

(float) perimeter: 

@eTid 

Listing 2: Last month’s Rectangle.m 

lliaport “Rettangle.h" 

eiiRplom^mai Ion Rectangle 

(Id) iniiWithT*oftX: (float) leftX 
bottomY: (float) bottomY 
rlghtX: (float) rightX 
topY: (float) topY 

I 


self “ [fiuper inlt]: 
if (seif ikil) 
return nil: 

_lortX - leftX: 

^bottomY = bottonY: 

_width “ rlghtX leftX: 
height = topY ■ bottomY: 

return self: 


- (void) setRigbtX; (float) righrX 
_width = rightX „loflX{ 


(float) area 

return _wiclth * ^height; 


(float) perimeter 
return (2*_width) + {2*_height): 


We also wrt:)te a simple program that iise*s tliis new clas^s: 

Listing 3: Last month’s main.m 

^import Foundation/Foundation. h> 
llmport '‘Rectangle.h** 

Int main (int arge* const char ' argvlJ) 

I 

NSAutoreleanePool * pool - 

[ iNSAutoreieasePool allocl initl: 

Rectangle * rectangle: 

rectangle “ iRectangle alloc]: 
rectangle * frectangle InitWithLeftX* S 

bottomY: s 
rlghtX: 15 
topY: 10): 


printf(’■Ates is %.af\n**. (rectangle areal); 

printf {‘^Perimeter is: %*2f\n", [rectangle pe^^tnGTe^]); 

(rectangle setRightX; 20j; 

prlntf(''Area is 1*2fVn*, [rectangle area]): 

printf("Perimeter is; l.liVn". [rectangle perimeter]); 

(rectangle releaael; 

[pool release]: 
return U: 

I 

Now, let's say wc also want a class that represents a 
geometric circle* And lei’s also say we want to have methods 
that calculate the area and perimeter, just like our rectangle 
class. As a quick refreslier on trirclc gcotuetry, 1 refer you to 
Figure 1: 
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Figure 1: Geometric circle 

Kfom this diagram, wc can see the circle has a center 
of Oh, 5) and a radius (r) of 3. Here are ihe equations 
for area and perimeter: 

Area = /rxr^“7ix3jt3= 28.27 
[^erimeter = 2x;r)tr-25tffjt3= 1B,B3 


Wc will design our data structure to keep track of the 
center point and tlie radius. The header file for a Circle 
class is defined tn Usthig 4. 

Listing 4: Circle-h^ first attempt 

Jflmpor f Founcla tlQD / Foundation, h > 

^Jntot face Circle i NSCbject 
( 

float _centerX: 
float _centorT: 
fioat _radius: 

1 

■ (id) initWtthCeTitorX: (float) centerX 
centerY: (float) conterY 
todittst (float) radius: 

- (float) area: 

' (float) porimeier: 

^end 

This class has instance variables for the ('enter point 
and radius, and the constnictor allows us to create a circle 
using these values, too. The area and perimeter niethixl 
declarations are identical to those in the hciider of our 
rectangle class. Now let's look at the implemeniation of this 
circle class: 
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Listing 5: Circle.m, first attempt 

^import “Circlenh** 

^import 


@ltnp lament at ion Circle 

‘ iid) initWithCenterX: (float) cetitetX centerT: (flgat) 
cefiterV 

radius: (fiaai) radius 

( 

self = [super initj: 
if (self == ntl) 
return nil: 

centerX “ centerX; 

_centerY = ccnterY: 

_radius " radius: 
return seif: 

I 

(float) area 
i 

return M PI • _radiuE ’ _radius: 

[ 

* (float) perimeter 
( 

return 2 * H„F1 * _radius: 

I 

Pend 

Okiiy, thiir’s fairly 5irai|']iLforward. too. ’['he only new pari 
is the M_PI consiaiU, wliich is value of n and is defined in 
malli.h, which we have imported. Now, let’s take the main 
function we used To test oui fjur recLangfc class and adapt it to 
our ctFcle class: 

Listing 6: main.m to test Circle 

#ttnport (Foundation/Foundation.h> 
iiflmport "Rectangle.tr 
//imporT “Circle.h" 

Ini main (Int ar^c* const char * argtf[]] 

f 

NSAijtoreUasePooi * pool = 

I [NSAutoreieasePool .illocl init] : 

Circle * circle: 

circle = [[Circle allocj initWithCenterX: 10 

centerY: 5 
radius: 3]: 


printf("Area is [circle areal): 

printf("Perimeter is %*2£\n'', [circle perimeter]): 

(circle release]; 

Ipool release]: 
return 0: 
i 

This is very similar to the Rectangle le.sl program in 
Listing 3Ltsting 3- The only change 1 made was to chain the 
alloc and initwithCenterX:centerY: radius: 
method calls logetlier on one fine. Method chaining, he,, 
calling a method on an object returned from another 
method call, is often done for object initialization like this. 
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You will ulniosl always set: the alloc/init etjmho 
chained together If we run this, it should produce the 
output: 

Area ist 

Perimeter is IS,85 

Inheritance 

lliis is all well and good, but now, let’s mix it up ii bit. 1-ei's 
say we want Eo mix rectangles and circles in one application 
and print tjui the area of !K)th of them. The siftipiesi way lo 
accomplish this is to just have two separate printf statenienis, 
like this: 

Hectaiigle * rt>ctangle: 

rectangle ^ I [Rectangle allocl initWithLeftX: ‘■j 

bettomY: 
rightX: 
topY: U/J: 

Circle * circle: 

circle = 1 (Circle aliocj initWithCenterX: 10 

conterV: 5 
radius: JJ: 


printf (“Area is I ret tangle area]): 

printf ("Area iJ3 [circle area]): 

'I'liLs should get us the foHowing output: 

Area is 50.00 
Area Ifi 28-27 


If wt are printing the area a lot, we would want to put this 
into a separate function called, say print Shape Area. 
Hirn'ever, we run into a bit of a snag. How' can we write t>ne 
function tliat can print the area of rectangles and circles? It 
turns out we can by WTiting a printShapeArea hmcfion with 
the following signaturx:: 

void printShapeArea(NSObject * shape): 

You ll notice that our function lakes a shape of lype 
NSObject You’ve seen NSObject before in ihe header 
files lor our cla.sses, but I've just glos.sed over it. lake the lust 
line of the Rectangle class as an example: 

ftlnterface Rectangle : fISObject 

It ttirns tjiit fhai da.sses are organized into a hierarchy, sort 
of like a family tree. Every cla>ss we create mu.st have one 
parent and can have zero t>r more children. 1’he word after the 
colon allows us to provide the name of the parent class. ‘I hus, 
this line .says dial we are creating a new^ chts-s named 
Rectangle wath a parent ckrss of NSObject. Conversely, this 
means that Rectangle is a child class of NSObject. Our 
Circle ela.ss is declared vory similarly, with its parent class 
also as NSObject. 

There’s also some fancy object-oriented terminology for 
these family reiationships. The pareni dass Ls called the 
superclass, while a child class is called a suheiass. To 
confuse the matter, a superclass is also known as a base 
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class, and a subciass is known as a derwe^J doss. Wl' cun 
draw out I he reblionships liciwcen elasses In a diagram that 
looks a bit like a family tree. ‘Phis diagram is called a class 
hierarchy, and it would look like Figure 2 for our 
Rectangle and Circle classes. The little triangle points 
lo the parent and indicates that the classes heiow are 
subclasses. 



Figure 2: Class hierarchy 


Looking at this diagram, it's clear tliat Lxjth Rectangle 
and Circle share NSObject as an ancestor. It's this common 
superclass that allows us lo use NSOb ject * us tlie tyjie used 
lor the printShapeArea function. Reineniber that Objective- 
C, like C, Is a statiailly typed language. I'hls means that 
parameten> to all functions and inellKxls are given a tyf^e, and 
the ccmipiler will complain if you try to pass an object of a 
different type to that function or methtnL However - and this 
is a disfingiiishing p<nnt of ohject oriented programming - 
an>aime a function or method a'tjtiircs a certain class, you can 
always pass any sulK’lass without conversion. Thi.s means, for 
example, that a function that takes a parameter of type 
NSObject * can Ix! passed any suIxHass of NSObject 
without conversion. Since both Rectangle and Circle are 
derived from NSObject, they may Ixxh l>e passed to 
printShapeArea without cam version. Tims, we can replace 
the printf calls in our main function with: 

printShapeArea (rectangle) j 

printShapeArea (tire; le): 

However, tlie implementation of printShapeArea gets a 
little tricky. This is beemse the automatic type conversion ibr 
related classes Ls one-way only. You can only automatically 
convert to su[xiadasscs, or up the class hierarchy, but you 
cannot automatically convert to a subclass, let me sliow you 
the implementation, ant! then we will walk through it 

Listing 7; printShapeArea 

void printShapeArea(NSObject * shape) 

I 

floai area = 0; 

if {[shape isKindOfClass: iRectatigle class]]) 
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t 

Rectangie * rectangle ^ {Rectangle *) shape: 

area ^ {rectangle area]; 

J 

elne If ({shape IsKiFidOfGlass: [Circle class]JJ 

f 

Circle * circle “ (Circle *) shape: 

area *» fclrcle area]: 

I 

printf("Area is areah 

I 

11 1 C tricky pm alxjui amvcnin^ to a sulxIaNs is wc donl 
know w'hut kind of class tlic variable shape is. It could [>c a 
Rectangle or it could he a Circle, we just don't know. 
However^ wc ccm ask an object what kind of class it is an 
instance of^ and that's wliat the isKindOfClass: uiciliod is 
doin^. Asking an object alxnit its type at nintitne is called 
irtinL^Kiion. Tirst we ask if it is a Rectangle ckiss. If it is, 
we convert the generic sha|X^ to a rectangle using tliis syntax: 

Rectangle ’ rectangle ^ (Rectangle *} shape: 

This conversion .syntax is called a casi. Tfie problem is I hat 
casting an objed from one type to another is very dangerous. 
You're basiailly overriding the compiler and saying “Yes, this 
shape really is a reclangle,*' and it w'ilj blindly trust you. If, hjr 
some reason, this Ls rtoi a Rectangle, you will luosl likely 
crash your program. Bur we can gel away with a aust here 
because we just asked ihe object if it was. indeed, a 
Rectangle. Because it said '"yes," we know' w^e can fKTfonn 


tliat ca.si safely. Once we perform the nisr, we can cill the area 
mellmd to hnd out the reciangle\s arc“a. 

If the object Ls ni>t a Rectangle class, we dicn ask if it is 
a Circle class. !f it Is. we d<> a similar aist to the Circle 
class, and llien call the cia’ies area methocL Finally, we print 
the area, which we got from either the rectangle or the circle. 
Anti vnila! We have t>nr generic printShapeArea function. 
Pass in any shape, and it will prim ilie area. 

It's worth noting that die inethods defined in a supercliLss 
are available tf> all .sulx'las\ses, Ju.st as reabwxxid cliildren inherit 
trails from llieir parents, cla.ssc^ inherit meilxKls from their 
superclasses. That's also why suixlassing is als<j referred to as 
Mxritmice. We jtist deniunstrated w^hy this is u.seful. You’ll 
noilce we used the isKindOfClass: merh<xi. But wliere did 
iliLS nietlKxi come from? We didn't define it in t>ur Rectangle 
cla.ss, but it Ls inherited from KSOb ject. I Ve s;ud Ixfore that all 
objcds are tlesi'endants of NSOb ject. KSOb ject pnwides a lot 
of base functionality that all these MilHla.s,s(‘s inherit, including 
features such as inenior>‘ management and introsix-eiioti. We’ll 
gel to see more of WSObj set's feature.s in later a it kies. 

Polymorphism 

L(K>king at the printShapeArea function tn Listing 7 
with a critical eye. we'll see a couj^le of issues. Firsi, it’s a fair 
amount of code. What w gain in tlexibiliiy, we lose in 
readahiliiy. However, the real issue is that it's n<it even that 
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flexible. Sure, we can pa.ss in either a Rectangle or Circle, 
but what if we create a new shape, say l^riangle, which can 
also calculate its area? Now we have to modify our function to 
check for the Triangle class. In fact, every time we add any 
new sliape, we'd need to update this fuadian. lliats a fragile 
simation, and it's nor a good property of well-designed code. 

The second issue is that tliere’s nothing stopping us from 
pitssing a non-shape object to this function. Remember that 
NSObject is the common ancestor of all objects. It doesnl 
make sense to pas.s in a numiKT object sucli as NSNumber, 
because it doesn’t have the area method. Liven though 
Objective-C is statically typed, it won’t properly detect this 
condition with our t'tirreni implementation. 

To solve both of these issues, we can create a new, 
intermediate Shape class. This is a subclass of KSOb ject, but 
it will he rhe superclass of Ixnli Rectangle iind Circle. The 
first step is to create the Shape class, witli no implementation. 
The empty header is presented in Listing 8 and the empty 
implementation tn Listing 9. 

Listing 8: Empty Shape.h 

tfimport < Cqcoa/Cocoa .!■ 

iinteTface Shape t MSObject 
i 

1 


@iniplementation Shape 
Send 

Now, w^e make tlus the siif^rclass of Rectangle by 
changing its @interface line lo: 

SintEtface Rectangle : Shape 

And similarly, we make Shape the suficrclass of Circle 
l>y changing its Winter face line to: 

@interface Circle : Shape 

By subclassing Shape like this, our class liierarchy now looks 
like Figure 3. 



§erid 

Listing 9: Empty Shape.m 

ifimport "Shape.h^ 


Figure 3: Class hierarchy with Shape 
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Finally, we change the .signature of printShapeArea to: 
void printShapeArea(Shape * shape) 

Tliis solves the pml>lem of passing a non-shape object to 
printShapeArea. If we tried to pass a numljer object, the 
compiler will now warn as. II will allow Rectangle and 
Circle liecause Ixjlli are subclasses of Shape, and can be 
converted to Shape due to the inheritance hierarchy. 
However, this doesn’t actually rcdat:e the amount of code or 
allow us to avtiid casting. We can achieve this by another 
refinement to the Shape class. 

You'll notice that the area mciiiod for Rectangle and 
Circle boUi have the same signature: iio arguments and 
return a float. Because this method signaaire is exactly the 
same, we can add an area method to rhe Shape cla,ss. Wlial 
should we do for the implemeniaLion? Since an unknown 
sliape has an undefined area, let's just return 0. 

Now we liave a very interesting siiuaiion. WeVe defined 
the area methcxl in both a superebss and sulx'bss. With two 
different implementiiiiuns, which one gets chasen when 
[rectangle area] gets called? 'fhe rtde is ihal ihe deepest 
implementation in iJte class hierarchy wins, llius, in this case, 
Rectangle's area lmm|)s Shape's ara, and Rectangle 
is said to owrride the area method. Methtxl overriding is an 
important feature of objeaoriented pnjgramming, and every 
OO language should allow you to do this. 

Overriding plays a very important role, though. You'll 
notice that )x)th Rectangle and Circle override Shape's 
aren method. So what's the ptnnt of having this metiK)d, tlien, 
if it will never get called? It allows us to simplify 
printShapeArea, by removing the introspection calls and 
casting: 

void printShapeArea (Shape shape) 
t 

fiohat area = [shape area]; 

printf(“Area is area): 

I 

Now at first glance, you might think ihut this will always 
print “Area Ls O.fK)" even when pa^ssed a Rectangle or 
Circle instance. Alter all, the Shape im pie mentation al^^'ays 
returns 0, However, through the magic {rf OO, this ucuially 
prints the correct results: 

Area: Is 30.00 
Area is 23.27 

How is this possible? It turns oui that even though shape 
is t>f type Shape in our code, the object really Is still a 
Rectangle or Circle at heart. Method (:all.s take into 
account what type the objed really is, instead of what ty[X" the 
code says. In fact, Objective-C wont figure out which area 
mcduxl will l>e called tmtil we actually am the program. This 
magic is called polymorphism. It is also sometimes referred U> 
as hindit^ since the method call is not lx)und until tfie 
aclual invtxation of the nieiliad at runtune, not compile time. 

The immediate Ixnefits of polymorphism are readily 
apparent, All of our introspection and casting code goes away 


sprint^ ahead 
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and printShapeArea lx.H:<>mes :i rwo-line function. 
However, the l^nefits go clce[xrr. By using polynifyrphi.sm, we 
can add it Triangle class witli an area inethtKl and 
printShapeArea will siill work, as is. As long as Triangle 
inherits from Shape, we dcinl have to mtxlify the source code 
to printShapeArea at aU. Better yet printShapeArea 
can compiled into a library prior to the existence of 
Triangle, and it will work due to the nintime binding- lliis 
is powt?rhil shiB, and it is a cornerstone of OO programming* 

In addition tf» the area method, we am add tlie 
perimeter method to the Shape class- Again, its 
impkimen!;ition should return 0, as ii is inicnded to be 
overridden by subclasses. 'I'liis will allow us to create a 
printShapePerimeter function in a similar vein to tlie 
printShapeArea Function. By doing this, we are s^iying n 
slia[)c niu.st be able to c'alciilate its area and fK^rimeter. Our 
final Shape class slioult! l<K)k like the code in Listing 10 and 
Listing IL 

Listing 10: Shape.h 

rt ;found atlon/Foundation *h > 

Sinter faro Shape t NSObJect 
[ 

I 


- (float) area: 

* (t’ioat) perimeter; 

@end 

Listing 11: Shape.m 

tfimport "Shape.h" 


dlmplrmentation Shape 
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- (float) area 
I 

return Di 
I 

‘ (float) perimetec 
I 

return flj 

1 

@Gnd 


Tor the sake of completeness, Listing 12 is the 
accompanying main.m: 

Listing 12; main.m 

#ijBprtrt ^ Foundai lon/Foundation. h> 

H^pQtx •‘Shape 
^import ftectangle.li" 

^limport ‘•Circle.h"* 


void prJniShapeArea(Shape * shape); 

inr. main (ini arge * const char * argvfl) 
i 

MSAutoreleasePool * pool ** 
nNSAutoreleanePool alloc] inlt]; 
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Rectangle * rectangle; 

rectangle = tl^iectangle alloc] InltWIthLeftX! 5 

bottomTr 5 
rightX; 15 
topY: lOj: 

Circle • circle: 

circle - [[Circle allocl InltyithCenterX: 10 

centerY: S 
radius: 3]: 


printShapeAreaCrectangle]: 
printShapeArea(circle]; 

[rectangle release]j 
[circle releaGeJ; 

[pool release]; 
return 0; 


void prlntShapeArea(Shape ’ shape) 

I 

float area- = [shape area]: 
prlntfC“Area is 1t.2f\n'** area) ; 


Protocols 

Our geometric .shape class library is progressing nicely. 
Wc*ve got classes for reaangies and circles, as well as a 
common base cla.ss For future extcnsilniily. New shapes can 
be added and, through the magic of polym<jq->hism, the code 
impact is minimal, llawever, if you're a perfeciionisi, the 
area and perimeter methods of Shape may he bothering 
you. Their sole purpose is more of a placeholder for 


subclasses than doing anything useful. Sometimes, you have 
to live witfi a l)il of ugliness due to the limitations of llie 
language. However, Objeciive-C provides a belter aliemative. 
Instead of making Shape a class, we can make it a protocol. 
A protocol is like a class with only an interface and no 
implementation. It's used to specify a comnum set of 
methods that a class must implement. Our Shape class 
Transformed ro a proiocol would need only the Shape.h 
header hie shown in Listing 13- 

Lisiting 13; Shape.h for a protocol 

fHnipoi:: <Foundatit?ii/Foundat iati -h) 

^protocol Shape 

• (float) area; 

* (float) perimeter: 

#erid 

Ihis looks similar to our previous class header hie in 
Listing 10. We use ihe 0protocol keyword and there is no 
area lo define instance variables. Frotot^ols are not allowed to 
liave instance variables- If you need 'em, ytiu’ll have to use a 
class. To use this protocol in our Rectangle class, we use a 
l)ii of new syntax in the @interface line: 

^Interface Rectangle : HSObjecT<Shape> 

I1iis slates that Rectangle is now a sulxinss of NSObject 
again, however by putting Shape in the angle hrackcLs, we’re 
declaring that Rectangle implemenLs die Shape pixHocoL IbLs 
means that we mii.si implement all methods in tiii.s protoa>L We 
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already do liiis, m> we don’t have to imke any funJicr 
mcxlihcatiorLs to Rectangle. We am make .similar mcKlificatioRs 
lo Circle to make it implenieni the Shape pn^UK ok Uxx 

We inusi mm change our printshapeArea funcLion, 
since the Shape class no longer exists. In order to get the 
Ix-meRl of static type checking we tiiiist declare tlie function as 
follows: 

void print She poArea{NSObJeci;<Sbape> * shape); 

This says that print Shape Area accepts an NSObject, 
bill not just any old NSObject: only NSObjects that 
implement the Shape jmiUKol. So now weVe really got the 
111 Li male solution. W'eVe got our tyfX" sal'ety, wcVe got our 
polymorphism, and weVe got no useless ctxlc. The 
implementation is the same as iK'fore: 

void printShapeArea{F^SOb]ect<Shape) * ^:bapc) 
t 

float area ^ [shape area! : 
prlntft“Area is area): 

] 


It's worth noting that proioc'ols t:an also inherit from other 
proUx‘t>ls, similar tf) class inheritance. For example, we could 
create a DrawableShape protocol that inherits from the 
Shape proUxol: 

^protocol DrawableShape <S]tapo> 

(void) draw; 

@end 

Any object that implements the DrawableShape prouxol 
must implement all three methods: area, perimeter; and 
draw. 

Conclusion 

Inheritance and polymorphism are the final pillars of 
object-oriented programming. Along with the concepts of 
classes and encapsulation, you're well on your way to 
l^ecoming an OO guru. With these OO building bltxks under 
your belt, we c'an start gening into the details of Objcctive-C 
ami the standard class libraries. 1 liofxr you join me next month 
in The Road to Code. 

WW 
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Managing Your Loadset, 
Post-Deploy 

How to keep machines up to date 
from a central location 

_ J 


So, youVe flniiKy clono ii. All of your softwari;? is upcbtetl 
and volume-licensed. You've built your disk images. Yf>ur 
NetH<K)t restore server is up and running for tleploymenu And 
finally, the dream t5t easy reloads and setups of your Macs has 
come to fruition. 

Then that tiny liule u]xlate conies out: tlie critical liiig fix 
tliafs not part of your U)adset. Or ycnfve dist'overed a sniall 
glitch in your logout hook. Whal do you do now? One way 
would [le to deploy your I.oadset on a clean system. in.stall the 
ufxlatc. Tlien re-image and redeploy. Yiick, All ilia* work lor 
a simple updater, and another one will likely l>e there 
tomorrow. 

You could go buck to "sneaker-net^ lx>ac! the files an to 
u Hash drive and walk it around to youi- worksiuLit>ns. Douhie 
yiick. 

Building disk images for deploying loactots is fantastic 
wlien you are wiping an entire volume and reloading all of tlie 
''installables". But sometimes you need more precise ways of 
making minor cltanges u> your Ltiadset. Belter yet, software 
that can manage and track these changes is ideal. 

In thi.s article, we'll explore soluticins lor iiumaging your 
Ixjudser, posi deploy mem. Our focus will l>e on producMs ihai 
cun run exclusively an the Mac: Apple Remote IX'sktop (with 
Task Sen’cr and Package Builder), University of Michigan's 
Itadminti tcH>ls. FileWave, and LANrev. 

Oilier solutions may exist, like UmDesk, for example. 
LanDesk has a client for Mat* OS X ihat wall accomplish our 
goal. However, since liinDesk's server component can only 
nm on a Windt>ws server, it does not fit our criteria. 

One more exclusion that I'm sad to make, and it certainly 
won't win me any popularity conlesLs here in Jayhawk-country: 
1 have to ext:]ude netOclopus by Motorola nee Netopia. I have 
concerns ulK)ut the future of the Mac deveiopmenl of 
netCXtopus now that ifs no longer in the fmnds of a company 
that has a strong histt>ry of Mac development and support, 'fhe 
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fact ihai ii has not lx*en updated in over a year, and iliat it's not 
a Universal Binary lends credence. IVI ask stjme of the 
developers at Netorola, but fm sure they are under some kind 
of hush order nofx.*fully J'm wrong and they are tex) busy 
trying to gel llie new version out ilie door to take my call 
anyway. 

At the end, well look at how tliese UhjIs handle the new 
challenge to tlie Mac admin: Windows, Many new Mac 
purchases are predicated on the fact that the user has either 
IkxjtCVmip or virtLializ;jiron of a Windows OS at their fingenips. 
Most c^f the time, it's .so iliey can coniiniie to nm just one or 
two Window's-only apps, but we all know- liovv viial ii is to keep 
Windows well-putclied and virus-defined. 

Apple Remote Desktop 

It's conceivable ihai you already have ARU in your arsenal 
of network tools. If so, you cun levemge it for simple software 
deployments using Ixah the “Install Package" and “Copy File^" 
features. 

Install I*ackages is most useful for any Apple 
deploy men!, as they will already be in tlie “.[>kg'' based in 
.pkg format. Gran led, if ycmTc running Mae OS X Serv^er, 
you can use its ability to mirror Apple's updates. However, 
since many third party installs are ntiw alst> I rased on 
packages, using ARD for the process bectrmes more 
* appealing. In addition to Ircing easy to deploy, you get tlie 
added benefit of having a receipt left over for things like 
permission repair. The process is relatively simple. Select 
your target computers, add llic package (or packages) to the 
“Install Packages" dialtrg. Set your options, which include 
whether or not to reliooi (which in the case of certain 
installs like an OS update is mandatory), where to run the 
task (see below), and how to deal with problems like 
interruptions or netw^ork bandwidth. 
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Figure 1 - Using ARD to install packages 

One of the gieatcM new feature*? in AKl) 3 is the Task Server 
eapaliility. It does require another license of ARD, liul the extra 
expense Ls worth it, if you plan to use this solution for LoacLset 
Mamgenient. While ARD uisks can lx: stHietluled (note the button 
in the lower rigliU it's often diflkiilt to atich ih<nse Mat'fkxjk useis 
while ilic 7 ’fe running oitt of tlie buikling. If y<ju liave a task server 
setup in your preferenais, you ran assign llie '^Install Packages” 
command to be pcrfomied by it. In addition to freeing up ycair 
t:ompulcT for odter tasks, the brsk Server will watch for unavailable 
Uiiget computers to come on-line and jx-rfonii tile insiall wlien tt 
sees them. Wliilc iliis may not Ix" ideal for OS updates (since the 
user may abruptly relxxKj, for simple Ufxlaters it may lx: just die 
dung to ensure e^^erytme slays airreni. 

What if the items you want to install aa^ mx part of a F^ackage 
file? ARD ran still fit the bill. It includes i^ackagcMaker for making 
ytmr own ,pkg distributioas. How to ost* it is Ix^ond tlie sa>pe of 
this article, but if you pull out your Decemlxr 2(X)6 MacTech, 
there's a great how-u> on PackageMaken 

Even if PackageMaker is mom complex dian you want, you 
can still leverage the “Copy Items’' function of Apple liemote 
Desktop* When you gel riglit down to it, an instailer Ls really^ doing 
up to two things: co|>ying files to tlie right l(xatk>ns, and executing 
pre aixl post flight scripLs, Many non-l^tckage installs cbn't even 
do the scripts part: they ate just disk images tiiai tell you to drag' 
and-drop files on to your Applic-adons folder 

Witli diiit knowledge, you wanted to dislril>ute die latest 
build of Camino to your fjoadsei, you aiuld simply mount the 
Camino disk image, drag die Cainino.app into die “Copy Items” 
window and fire away. 

You could do the same with virtually any file or folder, even shell 
scripts that you woulti ttse as a login hook. Just add your own 
destination folder to die “Copy Items'' dialog. 


While the ”Cx)py Iians'" dialog lets ytxi set owner and gixjufi t>n the 
file, ytxi may want to use the "Send UNIX Qinimand'' ftinction to 
.send along a climfxl to lx Mine. 
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Figure 2 - Following up with Unix permissions 

But what abcHU scaiuihing more complex like an update that 
uses InstallerVlSE to apply to an existing file set. Ihis where ARD 
might lx at>le io ucconifdish tlie goal but it gets a little cunilxrsome. 
You would have to insudl the update on a test workstation, figure 
out wheie all the pitx'es wx*nt, aixl then use '‘Copy Tiles” m .send all 
of those indivklual (licx.c-s to tlie laiget workstatioas, AddiLiiHially, 
“Gjfjy Files” Ls not a ajmm;iixl that can lx hitnded off to a Task 
Server. TliaTs a l>it too much maniuil lalxir for iix>st administrators. 

Ikmom line: ARD works givai in concert with Fackage-lxised 
insialls and a Task Server, but it isn't going to lx- capable of 
handling all situations unless you w^ani [o put in sul>st;mtial time to 
either build packages <ir manually detemiine what to rapy. It can 
ak) ix pricey. Tw^o copies (one for you, one for yotir Ta,sk Server! 
can set you Ixick almost $lfXX). Hut, if you'tt: using it fur its screen 
sharing and inventory niaruigemeni feaatrcs. this Ls one more way 
to leverage RemtJie Desktoj) ;ind make it that much mote valuable, 

Radmind 

Of all of the items this article will examine, Radmind may be 
the mast appealing Imtitise of one factoi- alone: its price tag. If 
you'ie even giving Radmind a kx>k, lx sure to thank tiie 
tievelopment team at the University of Michigjin, (Sorry, Ohio State 
fans.) Not only do thc7 put .significant ongoing wotk into rhb 
project, they distribute it for free (paivided yoti leave tlieir 
copyrights in place). 

So for clients who need a good Loaclsei Management .system, 
l)ut don’t Itave tlie budget for ,some of die commercial products 
available, Radmind Ls a winner. 

Radmind is primarily a UNIX tool with ihe guts of its 
operation accessible from the command line. After 
installation, you can look at /usr/local and (as you might 
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exptfct) find your executables in bin and really good 
documentation in man. And if you're serions about using 
Radmind in the long-term, you'I! want to get to know the 
contents of these folders. But, if you download and install 
the Radmind Assistant installer in addition to the radmind 
tools, you'll have Mac OS X GUI apps to get you started: the 
Radmind Assistant, Radmind Transcrit)! Editor, and Radmind 
Server Manager 

m ■$ •f 

t^adirund Server Rddmincl Trjrrtscrlm Editor 

Figure 3 - Radmind OS X GUI components 

Start off by installing the software on both a test server, 
and a client that is running your current loadset. If you 
open Radmind Assistant on your server, you'll be presented 
with the "‘First-Time Run" dialog that will assist you in 
getting stuff going. 

Chtx>se “I'm new, and I want U> setup a R;idmind server" 
Tlien decide if you wan! to lei clients discover your server with 
Rendezvo— er, B<mjoiir. When done, you'll get to use the 
l^idmind Server Manager, Tliis gives you yt>ur first hint about 
how it works. 



Figure 4 - Radmind Server Manager 

RLtdmind Server Manager is split into three windtjws.: 

The “Radmind U.>adstMs" window^ disfdays all of your 
“transcripts". Transcripts are text files that detail iastailed files 
and folders, their extended attributes like permis.sinns and 
modtric''ation dates. Initially, this window will be empty, 
beaiuse y<iu have not made any transcripts and uploaded 
tJieiii. For reference, transcript files usually end in “.T 

The “Radmind Command File Hdiror" lets you l>mld your 
“command" files. A command file is just a text ftle that lists 
a collection of transcripts that make up your complete 
installation. You'll note that a default command file is here; 
called “base.K" Yes, command files end in ".K" As you 
would expect, “t>ase.K'’ is empty, since you have no 
transcripts to add to it. 
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Anti fmully, the “Radmind Server Configuratton Editor" 
lets you edit a .siinjsle config file timl deietmincs wluch 
computers use which Loadsets (or more accurately, which 
command files). You can specify clients by iP address, a 
range of IP addresses, and tloitiain names. Additionally, a 
wild card means that any client can connect and get a 
designated Loadset. 

If ycHj're doing all of this in I he command-line, you’ll find 
all of the alnwe in /var/radmind. Look Ibr the ctmfig file, tiie 
conima nd foldei; atid the transcript folder. 

At install, the server is pre-ctinllgured to allow all clients 
and Uj use the default Command hie (hase.K). Since there are 
no 'rraascrifDts oti the server yet. tliafs wheie we liegin on the 
client. 

Your first t'litmt ni*c‘iis to bv a clean copy of your ILoadset. 
rd suggest a fresli de()k>ynient to an erased hard drive. Then, 
install tile Radmind packages on to it and o|^n the Radmind 
A,s.sistani. Just like on the server end, you should see the Setup 
Steps. Tills time, elKK)se *Tm new, and 1 want to m up a 
managed client.'’ 

If you setup Bonjoiir discovery of your server, the client 
should automatically detect your servers address. Otherwise, 
yoiril need to enter it here. UkewiseSiinilarly, thLs is wliere 
you can configure more advanced options that are a bit 
l>eyond the sctjpt! (jf tins artkle, hui they give you a sense of 
what you can do with this software. If youTe just starting 
out, go with the defaults, 

# lUiJiriirKl As.s»tAnt: Firsl Kun 

' a Ratfmind CJtem 

Of fmr CDaflriuinq. you should sel ibc defaull ualuvs 
that Mill ted the Aadmhid Ms^ant how to run. If 
vCHi ehoot* to tci ut) auiom^fd nadminding m the 
itcsti «tep. thfi^e will aliO he ih the 

auiomaied 

Radmind ’ 

Comnanfon Path / ^ 

I ^ SSL Seem dy Level 0 - None _ 

^ Disable checfcfums ^kibatly -Ar.:.. 

Ehftble ehfrcki&umt glehajly . .. iiftiire 


Figure 5 - Setting up the client's preferences on first run 

On the next screen, you gel the options to cotifigure 
Radmind automation. If you plan to go with Radmind as 
your Loadset Manager, yt>u1l definitely want to explore this. 
Basically, the tipEions will install login and logout hooks for 
u.se with iHook (another U of Mich product) to make 
Radmind execuie during those times. It also includes a 
script for execution liy the system s periodic process for 
daily, weekly, or monthly runs in the background. For now, 
though, just move past ihis. These trptions can be set later, 
and you may want U> tweak the scripts for your own 
environment. 
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i set UD a New RadittintJ cneni 

Ffrit, mi need to sioft i^e ne^aive trA(isc?»pE on 
the ratJmind server. The negAtivv Transcript contains 
a liil pf files and direcipnes dial radmmd will nol 
manage, like togj and caches 


Select the negative transcript most ap^ropciat# For 
vwr setup from the li&t beFow, 



10.4 -lab-negative 


custom 

Choose... Edit Megative Transcnpl 


Co Back ; 

Figure 6 - Choosing your negative transcript 

when you reach the screen in Figure 8, yoiFre going to 
Sian with your first Transcript: the Negative Transcript. Tfie 
easiest way to think of a negative transcript is to tliink of an 
exclusion list, However, the documentation wall tell you that 
negatives are *noF= exclusion llsis, and iheyVe right. In real 
[practice, if a file or folder is listed in a negative transcri[>k 
Rad mind will make sure it is present and then leave it alone and 
not manage its c<)ntents. You mighi ntri see the iLsefiilness at 
first, hut think of a situation where you need k) have a folder 
pre.sent, but you don't care whaFs in it. For many Load sets, 
/Lfsers/Shared is a gnocl example. I’he developers were gexx! 
enough to give us default negative transcripts for both a lab 
etivironiTienl and a desktop environtnenl. 

That brings us to the Golden Rule of 'rranscripts: always 
edit them! There’s bound to be some file or folder in a 


transcript that you’ll want to pritne out ix^fore uploading it to 
Lite server. The negatives are no exception. Fortunately, there's 
a handy ‘'Edit Negative Franscript’’ button sitting riglit there, 
'this will LiLinch the l^iidmind 'franscripi Rdiior application and 
let you check out iLs contenLs. 


J 
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Figure 7 - Editing the negative transcript 


In the negative presets, the developers were nice 
enough to document each line with comments about why 
you should exclude these files from Radmind management. 
Edit as you see fit. By the way, Radniincl Transcripts are 
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really just text files, hut they are much easier u> edit in their 
own app. Here'sSee Figure 10 to see what they took like in 
a text ediior.: 

_ 

r^Tspotliglht database directory p Every writable moLffited 
d /pSpotltght-V100 0680 0 E 

# Obvious, no? Every voluiKe has its own .Trashes folder 

d /.Trashes 1333 0 E 

# database of frequently-accessed small files 

a /.hotf ties* btree 0660 0 

# volfs mount point, used by Carbon applicotions 

ct /*voi 0555 0 

# Cached information 

d /Ltbrary/Caches 1777 8 8 

# ColorSync Display Profiles 

d /Librory/ColorSync/ProfiLes/Displays 8775 0 8 

# Console logs, crash reports, etc. 

d /Library/Logs 0775 0 E 

# Global preferences, energy saver settings, login time 

# Remove or comment out if you're monc^ing a Tab. 

f /Library/Preferences/.GlobalPreferences.p11st 0644 

# Available network interface information 

f A i hrnru/PrMf^rfw^f^ i ra irot i nn/Mpf \4nrk TntPT 

Figure 8 - Raw transcript data 
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Figure 9 - Uploading transcripts to llte server 



Figure 10 - Radmind Server after adding the negative 
transcript 

Back to die clieni now. I lere's where the hm begias. We need 
lo cieiiie our f\m positive rransc'ripi. Bui first, we need to tell the 
client iliat die cxinimand file it's iLsing nt)w liius die negative 
tniascTipi. You do diis by running a .stiuitkiid ufxbre procedure, 
anti the client .shoiikl be ready to cb diLs, icalizing ihai you're still 
in your fina sieps. Tile clieni will (|uery die server for upckites to 
it.s command file and downkxid tlie new cuiiumnd file and any 
new tnumripls. (.>nce it lias die produaion negative tninsctipt in 
hand, it's ready to liuild your prxsitive inmscript. 

# R Riidmind AiiHittJ ni: Pith Sun 

Sai 0|> a N*w Radmtnd Client j 

SfFore continuing, you stHHuld itx me default 
itidl wdl ttH iht Radmind Af sislam how to nin. If 
you chom* to lit up Autamattcl tadmtpnding in the 
next iiep. ihc^e vdtuei will also b« osod in tN 
automaird iafsions. 

Radmind Server server, b eitinms 

ComeurtMMi pMh ^ ^ 

^ SSL Secorily Level: 0 - None _ TH 

Disable chtflisii mt ^ bbjl ly. d aster, 1 *< ufc l 

C kfUibie checRtums global Iv fWowe? mwc securer 
Skip I 


Since il is a negative traascTijit, and Radmind won’! manage 
these files, it makes st^ase to chexk the '‘Stom loadsci as empty files 
on rile server." Bin youll want to uncheck dial ixix on the next go 
roufKl. Hit die ainlinue button and die client will npkxid the 
tran.scri|>l to the sen^cT. If you move Ixick lo the sc^rver and mfii.'sh 
the "Radmind Ixiadsets” window, you'll see that it found the new 
inmsc'ripi vviinis to move it into production, Hil OK. It will do a 
quick .scan and then oIIIt to add the traasLTipt t<i your default 
command file. 


Figure 11 - Radmind getting ready to build the base positive 
transcript 

Feci fret? to give il yiHir c wn name, W'hen you press condnuc, 
die RadniiiKl client will scan the contents d' your Ixxjt disk, 
gadiering info about every file and tblder thil is na already in die 
negative LranscTipt. Il puts this info into a new^ positive tcinscript 
for upload to die server Tliis lime, lx,‘ sum lo leave die "store as 
empty files" UN-checked. You want diese files to be on die server 
On the server end, walk through the same prot'es.s as the 
negative transcripi: refresh the Uxidseis window, uptlaie/verify 
the newly uploaded Transcript, move it into [inxluction and 


70 January ♦ 2008 


WWW.MACTECH.COM 









































CodeMeter: Ready for Leopard 


Picture: Pixelto 


■ Highest Security 

■ Vendor selectable secret and private key. 

■ Strong encryption algorithms with AES 128-bit and ECC 224-bit. 

■ Best-in-class tools for automatic protection (envelope, without source modification) 
for Win32, Win64, .NET, Java and MacOS X Universal (PPC, Intel). 

■ Best Fiexibiiity 

■ More than lOCK) Independent licenses can be protected by one CM-Stick. 

■ One versatile hardware key for all license models including floating network licenses. 

■ Multi platform support including Windows, MacOS X and Linux. 

■ New Distribution Channels 

■ License transfer by SOAP based CM-Talk or file based Field Activation Service in e-shops. 

■ Multiple-purpose, including protecting low cost software and digital content. 

■ Unique End User Advantages ^0 

■ First and smallest dongle with up to 2 Gbyte flash drive. . 

■ No drivers necessary - can be used without administrator rights. ■' 

■ CM Password Manager, secure virtual drive and secure login. J 




Order your Free Software Development Kit now! 
Phone 1-800-6-GQ-WIBU | order@wibu.u5 


WIBU-SYSTEMS submitted the 
CodeMeter Password Manager and 
the CodeMeter SDK for the 

Apple Design Awards 2007. 


©2007 by W[BU-SYSTEMS USA, ItK. All tights reserved. 



UIBU 

SYSTEMS 


WIBU-SYSTEMS USA Inc. 
2429 NW 197th Street 
Shorelme,WA9g177,USA 
wvwv.wi buxom 
info@wibu,us 
Tel: 1.8(X}.6,GO.WIBU 
1.206.54G.4S91 
Fax: 1.206.237,2644 




















iidd il to Lilt' ("ommiind Barring any hicxTups, yon ^ihoiild 
now have a working Radmind solution. 

Let's tiy^ it rxit. Pretend that you’re a naughty end-user who 
likes i;o install unauthorized* untested appliaitiom. Download a 
new Ltpp or if you’re really feeling lx)ld, a Mac OS X Qaribo 
Dpditer, and install it* Now, open up the Radniind ^sismni nm 
tj-jrough Tlpckite this machine*" 

You migfn already have the idea, hut here’s wliai happtms: 

Assistant checks for and if necessary downloads tlie 
latest Command file tliat matches your compiicefs info in tite Config 
lile. 

'nillien tite RA downloads any XmnscripLs S[xx:ified in the 
Command file that it doesn’t have yet. 

RA mas Isdift'’ to compare your existing files and fokte 
against what tlie sum of iLs transt:ripls say you are suppt>sed to 
have. From tliis info, it builds an *'applicalde” transcript of tlie 
differences* You enn view this transcript liefore proceeding to see 
just what Radmind is going to do* 

On your go-ahead, tlie RA is going to mn lapply' which 
follows the applicable tianscript. It will erase any extra files that 
didn’t exist in your Radmind Loadset. It will download from the 
server any files that weni tnissing or got changed and pm ihcm 
hack. 

It wants to reboot when done* At tliat point, the changess you 
Cor your naughty end-users) made arc^ gone. 

But wliat if you want to make pemianeni changes to your 
Lfxidset? After all, tliais wliat this article is alx)ut. Once you have 
a working Radmind solution, adding even minor changes is very 
easy: you just create a new positive iransf iipt, upload it to the 
server, and add it to ytxir command file* Tliesc' nev»' |X)i.sitive 
minsciipts are usually referred to as "ovei'loads" Overlcxids cun he 
as simple as a one-file mfxlification, a single new sofrware 
installation, or multiple ufxiatcs and new .sofiware packages* It 
de[xmds on hm you want to oiganize it. 




Had mind Cnnimand: tditax 

cf 

'*■ 

% 


HI 

($) 

New CajKinund file 

Ddctd 

raidtf 

Add ipcdji Cmrv 

(lelrtih 

CfimtAAnd fltei 


Typt 

M.anip 


*< b^£e.K 


P 

; bA&e-lDddseLT 




P 

J ftrefojfi T 




H 

; l0.4-<|€s)i{tap-f>e9ailv&T 


It 






Figure 12 - Adding overloads to the Command file 


Note how the oveiloacl exists lietween die ixjsitive Ixtse’’ 
tmnscTipt and the negative transc'ript in the Command file* Uiyering 
of TransexipLs in a Ctanmand file works from lx)ttom up* Ideally, 
you want the negative tninscri[X first so diat its a)ntents are always 
ignored. 'Ihen you want your oveitaid, which will mostly contain 
stmie newer Files than those contained in the ba*se [Dositive* I'hen 
anything else in the Ixise will lx used. 


Any of your workstations ninning the Radniind client will 
pull down the changes when they are told to run a Radmind 
update. I’his can be done manually at each station, or via "Send 
UNIX Command" in ARD, or through the aforementioned 
Radmind Automation, which ytju can acces^s tlirough iJie 
Preferences of the Racliniiid Assistant. 

Bottom line: Radmind is perfect in simations where you 
have compieie control of your Loadsei. It’s flexible enough to 
handle muki[de Loadsei configurations and can Ix^ set up with 
automation dial works well if your W scheme or DNS can 
support it* You can also do some advanced configurations with 
ytiur command files and Lran.scripLs tfial makes slu>rl work of 
deploying retail licenses (as o[>posed to volume licensing) and 
deploying a single new transcript to all of your loadsets. Heck, 
Andrew Moiten.sen at iimich even got an Intel version of Mac 
OS X to run on a G5 l)y slacking Radniind transcripts. So there's 
a *lot* of power here, 

But where it fails is that to harness that power, you’ve got 
to pul some scTious effori into iweaking y<Rir Transcripts, and 
possibly even die included hooks. For many small shops that’s 
too much work. In the setup Fve descrilied, Radmind is an alL 
or-none soluiion. For example, while it may be po*s,sifjle, it’s not 
immediately obvious how one would just use Radmind to 
deploy an application without managing tlie entire IxkX disk 
and all of its applications. 

That being said, it sure is hard to igmxe that price tag. 
Many lime.s, it’s not hard to get api>roval to itiiplenient Free 
softw'are* :-) 

FileWave 

FileWnve, by FileWave USA, Inc. and its si.ster prcxliici 
A.s,setTaistee bring us into the realm of non-Apple, commercial 
prtxlucts. Su, right off the Ixu, it’s going to trlipse our pre\ious 
two products in the tact tliat FileWave is going to work cios.s 
plaifomt and ii's going to have commcnial-levc^l supfxjrt iMjhind it. 

The basic breakdown is that FileWave is responsible for 
software distribution* where AssetTnistee tracks licenses, 
iiardware, and well...as,seLs. FileWave is the jiroduct that fits the 
scope of this article, iuit as you go through FileWiive's ineiius, 
you can tell that tlie company has made these products to be 
complimeniary. 

When you kxik at the FileWave install disk, you see four 
[Package files representing the Four FileWave components: 

The servtx, FileWave Server, installs on your designated 
machine that will house all of the software files dial are to be 
distributed* deviously, this computer should be highly 
available ancl have plenty of room. 'Fhe client, ’’fwcld" installs to 
all of your managed computers. 

Much like Server Admin or Workgroup Manager on OS X 
Server, the FileWave Admin can be installed on any 
admin istnitive worlcstation, as well as the *server ilseif. 

And then, there is the final component, the FileWave 
Booster, As the name would suggest, the Booster provides 
redundancy for your FileWave Server* Ciient.s will be directed 
to try and contact the Server first, and tlien try up to 5 Boosters, 
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Since they are all .pkg based mstails, if you're curious 
alKjyi wliai U's pulling wliere, you can dig into ihem easily 
enough if youVe curious about what it's pulling where wilfi 
the Show Files command of the Installer.app or with 
Pudfisi. Pretty much all three hang out in the background 
as daemons, and they are all pretty easy if) identify in 
Activity Monitor or tup. The server, for example, runs as 
‘"fwxserver" 

Wlien you install ihe clienl, you are presented with a client 
Setup Assistant. 

FiteWave'"' KCliem Assistaiii ^ 

Welcome td ihe nieWave'** KCEient Seuip Ass I Slant. 

Oiiter the appropriate values ta complete the installation. 

tP Addres s or DNS Nam e Port ^ 

^ Server; server,bestmaci 2001S ^ t 

I Boosierl: ^ " ~ 

_ Use Computer Name for XClient Name 

I - 

XCUertt Name ftestMaci Demo CUent 

XCIIem FassfM>rd - — 

Paisword <Conftrmr 

Desktop Owner Name. iDcatadmln 
rshon name) 

C Cancef ') 

Figure 13 - FileWave Xdient Assistant 



Obviously, you'll necxl lo enter your server address and 
port nunilxir, but notice the little Btinjour symbols next to the 
fields. Don't lie surprised if the client automatically finds ynur 
server. The ability lo designate liie first Bcx^sier shuukl suggest 
to you tliat having multiple Bcx)sters might not only provide 
st>me fault tolerance, f>ut also allow for some load distribution 
for larger networks. 

'Ihe client name and password will be unique to FileWavc; 
your users will not need to know them, llie fact that the server 
auUicnlicales to clients is useful in larger organiziitions, where 
you might have more than one Filc'W^ive serviee in play. Each 
server can manage a unique set of clients. The Desktop Owner 
Name is the “shoriname*’ of ilie primary user of the computer. 
Presumably this is for installers dial try to add daiu to the user's 
home folder. 

If you'd prefer u> not have lo in.stall the client package 
manually, FW offers two other ways to do it from ihe 
FileWave Admin app. Ihe first requires that you have SSH 
admin ac'c:e,ss in the workstation; it will send the client 
software and configuration via SSH lo the target workstation. 
The other lets you do a mass deployment to all of the 
machines in your AssetTrustee clataba.se. 

After entering your activation codes, when you log into 
FileWave Admin, it Itxiks a bit like tliis.: 
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FREE! Starter Web Page 
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FREE! Complete Email 
FREE! Change of Registration 
FREE! Parked Page w/ Domain 
FREE! Domain Name Locking 
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FREE! Total DNS Control 

Just visit 
I www.mactechdomains.coni 
to register for your domain today! 
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Register 


when a non>domain name product 
is purchased. Limitations apply. 


M/tcncH 






























Figure 14 - FlleWave Admin 


Ai liie lop, you'll notice a Hiatus window that gives you a 
sLiinniary of what your license allows, versioas, and the MtKiel 
Number. (More on that in a moment J 

The “Clients & Groups" window, as you might guess fn:j[Ti 
the name is where you’ll add your clients and group them. And 
tliiit’s the first tiling you1l want to do: add your clients. r>o this 
by clicking the “Client Manager" button, A new window 
appears lhai lets ytju organize tlie clients and their groups. 




FiieWave''* Clients & Croups Manager 

P Groups 

Name 

a 

Q Cllenis <K 

Name 


Figure 15 - FiteWave Clients & Croups Manager 

in the lower right comer, dick the “New Client" button. 
When you gel into the new client area, you can see tliat the 
FiieWave developers have given a lot of thought to leveraging 
existing tcx>ls that you may already have, like an LDAP or AD 
server. 

If you pre-define your Groups, you can put clients into 
them as you add clients to the list. Otherwise, you can always 
drag and drop them later. Configure the groups in the logical 


arrangement that makes sense for your (organization. Since the 
Clients will contact die server on their own, you need not worry 
about matching your IP scheme or DNS to the logical groupings 
you'll use in FW, 

You can also specify Utat a single client exist in multiple 
groups with a familiar aliasing merhtxl. Option-drag a client 
into a group and the diem appears in tlie group widt a cute 
arrow on iLs icon and italicized text. 
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Figure 16 - A populated clients and groups window 

In the “Filesets" window' is where you start to add software 
iV>r FiieWave to deploy. By far, the easiest way to create a 
fileset is with simple drag-and-drop. Slicking with the Mozilla- 
Ixtsed browsers, atlding Camino to the mix simply requires 
dragging the app from its disk image into die Fiiesets 
window'. It confirms that's what you want to do and then 
copies all the data fnoni the app into the L"W Server's file store. 
You do the same thing witli Package ba.scd installers; the 
difference is that, instead of parsing the package and putting 
the files where they neetl to go, FW hancLs ilic entire package 
off to the FW client in /usr/iocal for installation on the client 
side. 

But those are the easy kinds, right? What aboui VTSF r>r 
other third-party installers? For tliis, you go under the 
Assistants menu and select FileSet XMagic. 'I'he process is 
very similar to that of generating a Kadmind Transcript: first, 
F'W generates a “snapshot" of the entire volume lo wdiich tlie 
software will be insialled. You then install the sotbvare, 
open it, license it, configure it, etc. Return to FileSet XMagic 
and Create the Fileset. It compares the current state of the 
volume with the previous snapslioi to isolate the differences 
and adds them U3 its new Fileset. Clearly, it makes the most 
sense to do this from a computer very much like the Loadset 
you are trying to manage. Remember, tliat FW Admin can 
nin on any computer on die network and talk to your server 
remotely. 
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Figure 17 - Examining Filesel Contents 


Once a Filcscl is in the Fileser.s window, you can c'dii its 
ainlenLs l>y doubleclicking the ftleset entry, Fn^m heiet you can 
niodity tlie names of files and folders as well as extended attrihiikrs. 
You can also <lelete unwanted items or move things u> diffea’ni 
l<x.''ati(>ns. Take notice of the "Hide unused folders” checklxtx in the 
upjx,T left. If you uncheck it, you’ll see the cxjmmon folder 
hierarcliies of kxh a Mac: OS X lx>x and a modem WtndtJws !x)x 
along with wliere your files reside. 

Tlie liniil window of h'W Admin tliai we liave yet to disauss is 
the Asscxiaiions window. This is wliere ymi Siiy, "1 want these filei: 
on this group of coitijiuIlts." lAnd it, too, Ls simple drag and drop: 
just drag a Fileset fit>m tlie Filesets window onto a c’omputer or 
group in the Clients Groups window and you’ll see tlie 
ass(xn;itUm appear. 



^ UlkbflHKlOft 


1 

n ]y»i r*kC|i^ 

Figure 18 - Setting up Associations 


A nice featua^ of Associations is the ability to individually 
schedule tiiem. Just double-click an a^sscxialion from the list 
and set times for downloading, activation, inactivity, or deletion. 
’I'he disparity t?f installation and aaivity is particulady 
interesting. You can designate that download begins 
immediately, but it only gets moved to its active location (so 
people can use it) when you dictate. Ibis would he cspc:cially 
useful if you have a numl>er of laptop users and want to ensure 
that everyone starts using the new version at die s;ime time. Or 
if an update does not go well for compatibility reasons, you can 
leave it installed in anticipation of a bug fix, and simply 
deactivate it until the fix is ready. 


-----, 

td*t Association between Fileset. 

Apple)dck Distribution \ 

and Client/Croup/Clone; J 

V just Testing | 

M Starr downloading at: ^ Activate files at: 
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_ Make files inactive at; Q Delete files at: 

( Cancel ) \ 

t 

Figure 19 - Assodation options 

Now after all of iliis setup youVe done .so far, nothing Iras 
changed. Filewave works with a dataliase. When you make 
duinges to any of the windows in FW Admin, diose dianges are 
not commirted until you save die dianges to die cktialxise. 
Kile Wave calls eadi combination rf clients, fileseLs, and asstxiations 
a "modd" and as mentionetl earlier, you oan sec whidi verskin of 
tlie model you are using in the Status window You commii 
changes to the mcxiel l>y sclcxting Update Mtxld from the FileWave 
Xserver menu. likewise, if you iiuike changes that yt3u dcxicie you 
don't like, l:)efore you gt) and commii to them, yt>u can select Revert 
to List Model. 

After you update die nitxlel, take a ltx>k at wjiai’s going on 
witii ytjur client by righl-dicking it in the Ii.si ofclicmls and seleaing 
"Open Client Status Monitor". While yixi've g^A tlie menu open, 
lake a look at all die other coiiimantLs they ha\^ added for your 
eonvenicTice; again leveraging odKT tools you inay l iave. 

# O Oten^suti^ Moniior, Ei:stMdcs Demo Clieni , 

Name: BeitMaci D^mp Clieni 

Adtlre&>: 192.16«. 1.99 Poflr 20010 

Version; 3.Q.0 (Build I46t Platform; Mac OS X (IrtteO | 

tlO.4.91 

Filewave™ Server server.bestmacs | 

Model Version: I I 

Si^ui; Ruiifiing,.. 

File: j 

( Verffy... ' ) ^ Client lo^ ' Pfetert ncei. ^ ^ | 

\ 

Tigure 20 - FileWave Client Status Monitor 

Don'x be surprised if you can't cTitch il actually cxipying the 
data from die server to tlie client. The w-ay you can tell ev'erydiing 
is tiilking is liy watching ytnir Model version. If the tntxld version 
displayed tn Clieni Status Monitor niiitches the current Model 
version on die server, die client is up-to-date. If ytxi really want to 
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lie siia^ dick llic Client \x^ hjtion, ys it will a‘vatl any em>rs that 
rnay iiave (x.‘airreci. To ditxrk the Mcxiel numf^er on all u( your 
clienis, simply dick ihe CliciiLs Rejx)n btrtron on the Clients ^ 
Groups \\Tnclow, 

Another nice component of h'W Is that you don't liave to 
schedule clients to m;tke sum dial everything is stiL present 
They automatically check in with tlie server on a mpeating Ixisis 
to m^ike sure ihai ilieir IVIcKlels am u)>to<Iate and tliat the hle^s 
tliey are supfMKsetl to have are still there. You can do tfiis 
manually as well by dicking the Verify button in the Client Staais 
Monitor. 

Bottom line; lalcWave is an extremely capable and scalable 
loadset Manager, Its featums are cltMirly designed with the 
administrator in mind. Support from the company appears to 
very g<Kxl; they include a lot of references to get you up to speed 
quickly and then you can explore the user manual to get mom 
in-depth into its capabilities. Matching FileWave with 
AssetTrustee's capabilities tan only increrase its u.sefulnes.s. 

It seems that earlier versions had a tvad rap on the interface, 
speed, and system demands, f>ui the reviews ft>r version 3 seem 
to indicate that these is.sues are no more. If you liaven/t given 
FileWave a Icxjk lately, it miglit fx.* time to download a new 
demo. 

So, if you have Lite budget, and prefer to have a tx)fTipany‘s 
support team hacking your solutions, FileWave is a winner. 

LAN rev 

lANrev is a pnxiuct of Pole Pt^siiioo Software. Ihe model by 
this point should stx^m faniihiir: LANrev includes three 
components, a seiver, a cHeni (called an “Agent"), and an 
administrative program. 

ll|Xjn o[X‘ning lANrev’s admin program for the first linx?, you 
ane wjilked thixxtgh a setup assistant, asking for initiaJ administrator 
name and password, server adda'ssing, port numlx?rs, attd llie 
option to tetrieve authentitticion inlo fre^m an exi,sting lj\Niev 
.server Mhen. it brings you to the (7ompuEeis window'. 

^ CDtwvim 

% 

ravhpnf CMWMWI t If^ irirW*i 

i CWWMI1«M IbWeiT^H Aqfnilja'.wV 


Figure 21 - LANrev Computer window 

First impression of lANrev's inteilace should scream “iTunes" 
- dt-arly they have adofXcd the kxik and feel dial Apple is 
presenting in its prcxlucis, jKissiljly in tinier to achieve a sense of 
uniformity. Tliai’s noi a Ixicl thing * diances are you akrady know 
how to get anxind tlie LANrev' windows. 

The Computers window is emply of cx>utse, until you iasLail 
Agents. The Mac* Agent installer is a jyackage. But a mure 
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intea*^in^> vniy of iastalling the Agent \s vL'i the l^uilt-in “Agent want to use the Scjhwure Distrthiirion Center. Access it via the 
Deployment Center." Wintlow tiietiii. 
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Figure 72 - LANrev Agent E>eployinent Center list 


Select one or more smtions clJscoveied via IkJiipur, and the system 
will ask you for an SSH login iind password, as well as .server 
configuration info, like in Figure 26. 


^ Aflgnt Deployment Cgnter 

Sl^i logtn username, lacatadmln 

ISH iD^ifi password: »«««*•«- 
Password verifi»lipn •••••n** 

Use Afitni Insralf^rr ^ fly Hi in 

C Olher ( Se^ea., D 

Invcmorv server address server^sfmicsl | 

mventory server porn 3971 

® (s^D 

Figure 23 - LANrev Agent Deployment Center client login 

Once your clients are insiallecf tlie computers list will be 
|x>pulated. If you don't see it iminedtately, select “Synchrunize 
All Tables" from ilie "‘Server" menu to uptLttc tlie Admin's info. 
I found it necessary to do this often to make sure 1 had the 
latest info, 

Itighi off tile bat, you'll see that LANrev is kxjking go 
beyond Loadset Management. noul)le-clicking a contputer in 
your list reve^ils a wealth of infonnatiun, akin to System Profiler. 
And if you go under the “Cx 5 mmand,s'' menu, you1l notice a 
numl)er of admirtLstrative tasks that might even give ARD a rtin 
for its mtjney. 

Before it am do what we want LANrev to do^ the Agents 
need to gtttlter info alxxii their hosts and send it along to the 
Server. They do this automaiiaiJiy over time, but .some initial 
information needs to Ik.' gathered manually. Do tliis by 
selecting “Gather Inventory" from the Commands menu. Check 
the box that says “Force full inventory" and click the Kxecute 
button. 

Deploying .software with LANrev can be done in the same 
mannerisms as ARD: copying individual files and folders to 
different locations on a target disk l>y using the Transfer 
File/Folder Command" And again like ARD, you am copy 
down an installer and have it execute by using tlie “Exeatte 
Macintosh File" command. The f)rohleni is that you have to 
click tluough the buttons on the local workstation tlirough 
something like VNC, or give instmctions to your end-usera. To 
really accomj:)lish tliese sons of tasks in LANrev, you're going to 
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Figure 24 - LANrev Software Distribution Center 


lixiking at the list on the left of the window in Figure 27, yoifll 
see the tltree main components to the SDC: sc:)ftwaie packages, 
staging servers, and (ji.stril>ution groups. 

A staging server is going to respcjnsible ftjr storing the data 
and distributing it to clients. An inteixtsting cafxibility of LANrev that 
aids in scabbility of this failure is that any Agent tan he a sUigiiig 
server, provided iluii it uilks Imk to the main lANrev server. 
Qirryrng it a step further, any LANrev agent can also lx? a minor of 
the rmiin smging server. For small networks tliere Ls nothing wrong 
with Ixaving the lANrt:v server and tlie staging service on iJie same 
lx3X. vSet up your staging server in tlw SIX window by clicking the 
“gear" and selecting “New Staging Strever" 


, Stiver } 

* Sctwi-^ddre^i. server.besintipict 
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Pacliaget root pAth ^LAMrevSDC | 
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Figure 25 - LANrev Setting up a new staging server 

Note liow you can define tlie rtxH path of where software 
clata is going to stored. Wliat I put in the window of Figure 
28 is not a deftiull * you ccxild put die data on any atlaclied 
volume. But, wlterever you decide to stow it, trt“at it like an 
iPhoto Library; nu nJify it only through its apfilication. The 
“mirroring" checklwx went gray wiien selecting this staging 
server to lx? a “imsler server." 1 left the assigned II* range l)lank, 
but presumably ihinS would l>e an additional source of load 
balancing for ytjur staging servers. 

Now dial this Ls in platr, you'll want to add some .software 
packages. Hit the? “gear" again and seied “New Software 
Package”. 1 .sliould clarify tlie use of the word “jxtekage." Usually, 
wlien we Miic admins think “p;K kage" we think of the “yellow- 
c^nmge translucent aibe coming out of the carclbaird Ix7x" icon 
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and ",pkg”. It seems that when Ij^Nrev uses llie word "package"’ 
they mean a ajilctlion of installer data rliat Ls packaged for 
disiribuiion by LANrev SDC. 
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Figure 26 - LANrev New software package 


In Figure 261 have liit die .Select Ixitton and pointed it to the 
“,plcg” I wanted. Tile "package name” held Ls unique only io 
LANrev as an identifier It can whattrver you want to call it. 
Notice thil 1 have designalcd the n>ot as lire target iastallation 
choice, which makes sense for this kind t)f update. Leaving it blank 
would liave had the same result, as 7” is the default. 

LANrev also lets you select disk images liere. Keeping 
with our theme, if we were Itxjking to install Camino or 
Fircfox, unlike the <jther software we Irave looked at, for 
LANrev, we'd keep it in its disk image and select the ".ding” as 
the Executable. Using disk iinages may l>e a big boon to this 
software as k can maicli U]> the contents of a disk image with 


the target vain me. Wliile 1 didn't test it to see how well it 
works, yt>u could iheoreticaJly deploy an entire Loadset 
through the LA.Nrev interface and skip NetBuot/ASR 
altogether. 

Til is once again idlings us to the diiFicull insralleis. LANrev’s 
solution to the problem is an application called LANrev lastallEase.t 
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Figure 27 - LANrev Install Ease 

installHase gives us the same scan - insrall/config - 
capture differences as weVe seen in the other apps. One 
differenee is that installKase will also let us manually specify 
the locations to eafiiure. So if you already know what goes 
where, you can skip the scanning process. One olIict 
suqirising feature of InstallKase is thai ii will create an 
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"uninstaller'' package from an existing .pkg file. I'he fact that 
InstailHase saves the results into a more widely compatible 
installer format makes InslallEasc afipealing in its own right, 
independent of the rest of the LANrev suite. 

Back to our setup in SDC, click tlie “Installation Options'' tab. 


is completely aiitomated, and sometimes doesn'l happen 
immediately. 
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Figure 28 - LANrev Package Install Options 


The options are what you'd expect from any installer, 
with a few notables: the User inierattit>n option can give 
the end-user a cliance to defer the install to a later titiie, or 
just do ir without their knowledge. You can define a 
particular staging server that will rim this install. Also.nd 
the checkbox to ensure that no one is logged in wlien 
installing the software may be a welcome addition, 
especially in the case where a reboot is rec|uired. 

And finally, tlie third Lab leLs ytm define conditions for 
install. By default, it will install the software on all targets. 
But, if you want to throw in .some safeguards, this is the 
place to do it. Click OK to save llie LANrev package. 

Finally, we need to setup our distribution groups. By 
default, two groups already exist: “All Macs" and “All PCs”. 
If you want to define smaller groups than that, just click the 
“gear" and select “New Distribution Group” Add individual 
computers to it iliroiigh drag and drop from ihe 
“Computers" window. You'll also want to assign a staging 
server to each distribution group. Again, it's just drag-and- 
drop the staging .server from the Staging Servers list into the 
“Assigned Staging Servers” section of die Distribution 
Group. Yon can also do this by editing the Staging Server's 
preferences. 

Once you have all tliree items ready Uj go, performing 
an install is simple: just drag-and-drop the software package 
on to the distribution grotip, and the assignment is made. 

But, you’re not done. Since die Admin software can l>e 
run on any workstation, you need to commit the changes to 
the LANrev server. Do this by clicking the “Save Changes to 
Server” button in the upper left. When yon do, you'll see alt 
of your packages upload to the staging server. 

You can check on the status of installs by looking at the 
Insiallalion Status section of the SDC window. The process 
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Figure 29 - Use only LANrev for OS updates 


Cine unique and highly useful feature t>f LANrev Ls its 
ability to leverage the built-in software update mechanism 
of the OS. When Software Update detects a new update for 
the computer, the LANrev agent checks in with the SDC to 
sec if it already has the update. If it does not, the Agent will 
download the update package, upload it to the server and 
put it in n group of the SDC called “Unconfirmed Updates”. 
Beftne Lhese gel deployed, you have to go into the group 
and approve them by dragging them on to your Distribution 
Groups, If you’d rather not, drag them to ilie Rejected 
Updates group. 

Bottom line: More so than any other program in the 
list, we haven’t scratched the surface of whai LANrev can 
do. We only focused on the features specific to Loadset 
Management, and it clearly does so much more. As the 
chief competitor to FileWave, it's only fair to mention that 1 
did not evaluate Asset Trustee versus LANrev for things like 
license management and hardware inventory. Because it 
does so much more, LANrev seemed a little less intuitive to 
me than FileWave, hut once the settings were in place, it 
funetions very similarly. 

Again, it's conimercial software, which means you'll be 
shelling out some dough for it, hut you’ll also be getting 
some support resources from the developers. Given the 
.swiss-army-knife-like amount of stuff you can do with 
LANrev, especially heyimd the scope of this article, my 
suggestion is iliai if you can buy one, and *only* one set of 
tools for managing your Mac network, LANrev would have 
to be the choice. 

Windows Support 

I left Windtrws sut>pori for the end because if youTe not 
dealing with it, then the rest of this article is of little 
importance to you. For those of us dealing more and more 
with cross platform deployments, even in a once all-Mac 
shop, the tools above have varying degrees of Windows 
capability. 

Dealing with BrK)iCamp is essentially dealing with a 
Windows PC that just happens to have an Apple logo on it. 
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No doulH youYc u.sing some sort of distribution muthod, 
like Mike Bombich’s NetRestore for putting tt out there. But 
after that what dt> you do? And wliile at first glance, 
updating tlie virtual disks of Paralleis or VMware might 
seem simple enough * slKK>t one big file across the network 
- it's really the same dilemma. You have a loadset in a tlisk 
image and it needs u^Klating. 

Our first prtnluct, Apple Remote Desktop does uhh... 
well, it will VNC into the Window.s box. So at least you can 
^sneakerner from your dcnsk. Yeah. 

Radiiiind has a PC version of its Tools. They aren't 
updated nearly as often as the Mac/IINIX version.s anti they 
arc a work in progress. They are essentially Windows tKjrLs 
of the cotntnand-line tools (no GUI assistants) with “ntfsdifr 
instead of ""Isdiff" and some extra registry tools. They also 
included some sample negative transcripts to get you 
started, but they are not defaults. Youll want to generate 
your own. Take a look at the Radmind Wiki for more details 
and how to get going: 

http:/ /webcpps.ifcs.ijmich.ecL/raclmird/lrxJex.php/Rad^ 

FileWave is going to be much easier here. 



Figure 30 - FileWave Windows Client 


Look familiar? And once you get into the FW Admin, 
adding the client is essentially the same process, Mac and 
Windows clienls ?»il sided^y-side in your Clients & Groups 
window. Much like was done with Mac package installers, 
the Ftlesets window supports importing ,MS1 installers. Hie 
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only trick t.s to be sore to edit the Fileset and drag all of the 
other .support Files that are with the .msi into the Filcset’s 
contents. If you need the iMagic component tiiat scans the 
disk before and after to obtain the differences into a FileSet, 
the Windows installer includes a program to do the activity. 



Figure B1 - FileWave Magic in Windows 

LANrev takes Windows compatibility the furthest of the 
Ininch in that eveiy one of its functions can be installed on 
a Windows system and interoperate with the Mac 
components. The LANrev Admin for Windows operates 
smoothly talking to the same server that I had setup on my 
Mac OS X box earl ten 



Figure 33 - LANrev SDC in Windows 

So if all of your availal^le storage space is sitting 
attached to a Windows box^ you might want to go with 
LANrev, just so the Windows hoK can l>e your staging server. 

Conclusion 

Like any other solution that you deploy, the Loadset 
Management system that you choose is going to depend on 
a number of factors. You should sit down with the demos 
of all of the applications at your test network and use this 
article, along with the product documematioo, to evaluate 
them for ytHirself. Find out which one makes the most 
sense for your budget, time, skill level, and needs. Then rest 
happy knowing that the next time Software Update pops up, 
youhe not looking at i>ig redeploy. 

7i^i 



Figure 32 - LANrev Admin in Windows looking at the 
same server as the Mac version 


In fact, you may want to have LANrev admin on both a 
Mac and a PC, regardless of which OS runs the server, so 
tliat you can create software packages on eacji plaiform. 
One caveat to remember when dealing .msi installers is to 
check the lx>x for “Transfer all files in folder containing 
executable” wlten creating the Windows installer package. 
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MACTECH SPOTLIGHT 

Peter N. Lewis 

Stairwa}/s Software Pty Ltd. 

http://v^Aw. sfroirwoys.com 

What do you do? 

CEO. CFO, CTO, Programmer, 'fech Support, ctf 

How long have you been doing what you do? 

I suirtccl ptogmm on the Mac and relea?jing Freeware and 
then Sliareware on the Internet in 1990. and formed Stair^'ays in 
1994 when my revenue.s began to exceed my ikiy job’^s salary. 
So have Ix-cn writing Mac Solt^are, mostly [ntemei related and 
all Internet distributed, lor 17 years now. Early this year I sold 
our flagship program. Interarchy. to out lead developer, Matthew 
Hmyton. wlio formed Nolulx^ to continue it, so citrrently it Ls just 
me working on Keyboard Maestro which is a macro program we 
at'quiretl a tew years agtj. 

Your first computer; 

My Ursi computer was a TRS-80 Model I Ixwel 2 with IhK 
of RAM and a Tajx Drive. Which means my current computer 
is a tlH)Us;tnd times faster and approaching a million Eimes more 
memoty than my first. After tfiai. I liad an Atiistrad 6128 and then 
a Mac [Mils, and then a successum of many different Mac models 
(the Mac Ul 475 still holds fontl ihemortes us an early elegatit 
Apple computer). 

What attracts you to working on the Mac? 

'Ibe attention to detail. You can't get uw'uy walli anything 
less that ciiecking every i>ixel on the Mac. Every huiion needs 
to lx lined up just riglu, every icon placed in just the rigiit 
position. It forces you to iliink very clearly alx)Ut what the 
citstomers will sec. 

What's the coolest thing about the Mac? 

The cliscernmenC of the customer base and ilie 
consequences that has for tlie software f get to use, Proity much 
all the sofhv'are 1 use on the Mac Is eleg^intly done because it 
simply would not survive {jtlierwise. 

If I could change one thing about 
Apple/OS X, I'd: 

I would like to see Apple lone I jack a bit on dictating to the 
customers what they can atid can't do. ^specially where there Ls 
no gcxxl reastm except some idea of ""Interhice Purtcy”. Em not 
talking aix)Ut allowing iPhone applicaiions, tJiere may l)e gtxxl 
reasons for that sort of clioice. More tilings like not allowing 
customers to override tlie Command-l'ali key, or delete the 
Movies folder. Hie things where there is nt> gtxjd rt'ason to stop 
the customers fn>m making changes. 



What's the coolest tech thing you’ve done 
using OS X? 


Pn)bal>ly Internet Config. Every lime you click a URL in 
Mail or BBEdit and it opens a browser window in Salari, you Ye 
iLsing the retiinants of Internet Ginflg whicit was originally 
written by Quinn. Marcus and ! ixte k in 1994. We released it into 
tJie Public Domaiii to ensure wiilespread adoption, and it was 
ev'^eniually iiicorporaicd into tlie Mac OS system .software as well 
as supported by mnumenihle applications. 

Where can we see a sample of your work? 

At http://vAvw keyboardmoe5fro.com/ you can download or 
read about Keyboard Muestio. 

The next way I’m going to impact IT/OS 
X/the Mac universe is: 

Currently I am working on the next major version of 
KeytHDard Maestro which will extend tlie ways you can coiitroi 
your Mac in some cgiiie new directions. Alter tiiat, I do have an 
idea tor a program Id like to write, but it is too far offf to discuss 
just yet. 
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